From 866759060c591a194de82d5b6061da7a1f7e4d0f Mon Sep 17 00:00:00 2001 From: Thomas Roessler Date: Wed, 6 Feb 2002 08:58:56 +0000 Subject: [PATCH] Make some scanf formats safe. --- lib.h | 11 +++++++++++ smime.c | 14 +++++++++----- 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/lib.h b/lib.h index c6d5c271..d8d21bc2 100644 --- a/lib.h +++ b/lib.h @@ -64,6 +64,17 @@ # define STRING 256 # define SHORT_STRING 128 +/* + * Create a format string to be used with scanf. + * To use it, write, for instance, MUTT_FORMAT(HUGE_STRING). + * + * See K&R 2nd ed, p. 231 for an explanation. + */ +# define _MUTT_FORMAT_2(a,b) "%" ## a ## b +# define _MUTT_FORMAT_1(a, b) _MUTT_FORMAT_2(#a, b) +# define MUTT_FORMAT(a) _MUTT_FORMAT_1(a, "s") +# define MUTT_FORMAT2(a,b) _MUTT_FORMAT_1(a, b) + # define FREE(x) safe_free((void **)x) # define NONULL(x) x?x:"" # define ISSPACE(c) isspace((unsigned char)c) diff --git a/smime.c b/smime.c index 1425dc88..fe575645 100644 --- a/smime.c +++ b/smime.c @@ -437,10 +437,10 @@ char* smime_ask_for_key (char *prompt, char *mailbox, short public) cur = 0; Table = safe_malloc(sizeof (smime_id) * cert_num); while (!feof(index)) { - numFields = fscanf (index, "%s %x.%i %s", fields[0], &hash, + numFields = fscanf (index, MUTT_FORMAT(STRING) " %x.%i " MUTT_FORMAT(STRING), fields[0], &hash, &hash_suffix, fields[2]); if (public) - fscanf (index, "%s %s\n", fields[3], fields[4]); + fscanf (index, MUTT_FORMAT(STRING) " " MUTT_FORMAT(STRING) "\n", fields[3], fields[4]); /* 0=email 1=name 2=nick 3=intermediate 4=trust */ if (numFields < 2) continue; @@ -514,7 +514,6 @@ char* smime_ask_for_key (char *prompt, char *mailbox, short public) - char *smime_get_field_from_db (char *mailbox, char *query, short public, short may_ask) { int addr_len, query_len, found = 0, ask = 0, choice = 0; 
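Review bot: `_MUTT_FORMAT_2` joins string literals with `##`, but pasting `"%"` and `"256"` does not yield a single valid preprocessing token, so the result is undefined and some preprocessors reject it. Adjacent string literals are concatenated by the compiler anyway, so `# define _MUTT_FORMAT_2(a,b) "%" a b` gives the same format string without the paste. The comment block should also say that a scanf field width counts the characters stored and excludes the terminating NUL, so the destination must be at least one byte larger than the macro argument. Because the argument is stringified, it has to expand to a plain integer literal; something like `STRING - 1` would produce a broken format. The helper names start with an underscore followed by an uppercase letter, which is a reserved identifier form in C.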
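Review bot: `MUTT_FORMAT(STRING)` expands to `%256s`, and that width bounds the characters stored but not the terminating NUL, so each `%256s` conversion in the two `fscanf` calls can write 257 bytes. The declaration of `fields` is outside the hunk; if its rows are `STRING` bytes, as the macro argument suggests, a token of 256 or more characters in the index file still overflows by one byte. Since the macro stringifies its argument, the fix belongs in the buffer, for example rows of `STRING + 1` bytes. The same applies to the `sscanf` call in the `smime_get_field_from_db` hunk. The return value of the `fscanf` under `if (public)` is also still ignored, so `fields[3]` and `fields[4]` may keep data from an earlier record when a line is short.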
@@ -555,8 +554,13 @@ char *smime_get_field_from_db (char *mailbox, char *query, short public, short m while (fgets (buf, sizeof (buf) - 1, fp) != NULL) if (mailbox && !(mutt_strncasecmp (mailbox, buf, addr_len))) { - numFields = sscanf (buf, "%s %s %s %s %s\n", fields[0], fields[1], - fields[2], fields[3], fields[4]); + numFields = sscanf (buf, + MUTT_FORMAT(STRING) " " MUTT_FORMAT(STRING) " " + MUTT_FORMAT(STRING) " " MUTT_FORMAT(STRING) " " + MUTT_FORMAT(STRING) "\n", + fields[0], fields[1], + fields[2], fields[3], + fields[4]); if (numFields < 2) continue; if (mailbox && public && -- 2.40.0