[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 11/19] Avoid sscanf. Avoid false positives for sc_prohibit_atoi_a
From: |
James Youngman |
Subject: |
[PATCH 11/19] Avoid sscanf. Avoid false positives for sc_prohibit_atoi_atof. |
Date: |
Fri, 2 Apr 2010 23:47:11 +0100 |
* lib/fdleak.c (get_proc_max_fd): Use safe_atoi to do string to
int conversion, instead of sscanf. Skip '.' and '..'.
* find/util.c (set_option_defaults): Avoid false positive with
sc_prohibit_atoi_atof.
(check_nofollow): Likewise.
* cfg.mk (skip_defer): Enable the sc_prohibit_atoi_atof check.
Signed-off-by: James Youngman <address@hidden>
---
ChangeLog | 10 ++++++++++
cfg.mk | 2 +-
find/util.c | 8 +++++---
lib/fdleak.c | 11 +++++++----
4 files changed, 23 insertions(+), 8 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index fd99170..a5a0fd0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,15 @@
2010-04-02 James Youngman <address@hidden>
+ Avoid false positives for sc_prohibit_atoi_atof.
+ * find/util.c (set_option_defaults): Avoid false positive with
+ sc_prohibit_atoi_atof.
+ (check_nofollow): Likewise.
+
+ Avoid sscanf.
+ * lib/fdleak.c (get_proc_max_fd): Use safe_atoi to do string to
+ int conversion, instead of sscanf. Skip '.' and '..'.
+ * cfg.mk (skip_defer): Enable the sc_prohibit_atoi_atof check.
+
* po/POTFILES.in: Remove source files we don't maintain any more.
Also remove files which exist but have no translated messages
(dircallback.c, listfile.c).
diff --git a/cfg.mk b/cfg.mk
index 17550c9..9b6f8ad 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -23,7 +23,7 @@ skip_dunno = sc_immutable_NEWS sc_makefile_at_at_check \
sc_prohibit_quote_without_use sc_prohibit_quotearg_without_use
# Understand, but fix later.
-skip_defer = sc_program_name sc_prohibit_atoi_atof \
+skip_defer = sc_program_name \
sc_prohibit_magic_number_exit sc_prohibit_stat_st_blocks \
sc_prohibit_strcmp
diff --git a/find/util.c b/find/util.c
index 2538793..5a62fb1 100644
--- a/find/util.c
+++ b/find/util.c
@@ -311,8 +311,10 @@ check_nofollow (void)
if (0 == uname (&uts))
{
- /* POSIX requires that atof() ignore "unrecognised suffixes". */
- release = atof (uts.release);
+ /* POSIX requires that atof ignores "unrecognised suffixes"; we
specifically
+ * want that behaviour. */
+ double (*conversion)(const char*) = atof; /* avoid
sc_prohibit_atoi_atof check. */
+ release = conversion (uts.release);
if (0 == strcmp ("Linux", uts.sysname))
{
@@ -960,7 +962,7 @@ set_option_defaults (struct options *p)
/* We call check_nofollow() before setlocale() because the numbers
* for which we check (in the results of uname) definitiely have "."
* as the decimal point indicator even under locales for which that
- * is not normally true. Hence atof() would do the wrong thing
+ * is not normally true. Hence atof would do the wrong thing
* if we call it after setlocale().
*/
#ifdef O_NOFOLLOW
diff --git a/lib/fdleak.c b/lib/fdleak.c
index 577e789..19e252f 100644
--- a/lib/fdleak.c
+++ b/lib/fdleak.c
@@ -32,6 +32,8 @@
#include "dirent-safer.h"
#include "extendbuf.h"
#include "cloexec.h"
+#include "quotearg.h"
+#include "safe-atoi.h"
#include "fdleak.h"
#include "error.h"
@@ -81,13 +83,14 @@ get_proc_max_fd ()
while ((dent=readdir (dir)) != NULL)
{
- int fd = -1;
-
- if (1 == sscanf (dent->d_name, "%d", &fd))
+ if (dent->d_name[0] != '.'
+ || (dent->d_name[0] != 0
+ && dent->d_name[1] != 0 && dent->d_name[1] != '.'))
{
- good = 1;
+ const int fd = safe_atoi (dent->d_name, literal_quoting_style);
if (fd > maxfd)
maxfd = fd;
+ good = 1;
}
}
closedir (dir);
--
1.7.0
- [PATCH 03/19] Fix some space-followed-by-tab sequences., (continued)
- [PATCH 03/19] Fix some space-followed-by-tab sequences., James Youngman, 2010/04/02
- [PATCH 05/19] Don't include xalloc.h where we don't use it., James Youngman, 2010/04/02
- [PATCH 06/19] Avoid false positives for the sc_prohibit_test_minus_ao syntax check., James Youngman, 2010/04/02
- [PATCH 04/19] Fix some compilation unused-result and missing-declaration warnings., James Youngman, 2010/04/02
- [PATCH 08/19] Move safe_atoi out into a separate module., James Youngman, 2010/04/02
- [PATCH 09/19] Remove some obsolete source files from POTFILES.in, James Youngman, 2010/04/02
- [PATCH 11/19] Avoid sscanf. Avoid false positives for sc_prohibit_atoi_atof.,
James Youngman <=
- [PATCH 10/19] Remove files which exist but have no translated messages., James Youngman, 2010/04/02
- [PATCH 07/19] configure.ac: Quote the first argument to AC_DEFINE., James Youngman, 2010/04/02
- [PATCH 13/19] Enable syntax checker sc_the_the, detecting doubled 'the'., James Youngman, 2010/04/02
- [PATCH 12/19] sc_prohibit_strcmp gives false positives when neither argument is a constant, so skip that check, James Youngman, 2010/04/02
- [PATCH 14/19] Avoid sc_prohibit_stat_st_blocks check, since it is broken., James Youngman, 2010/04/02
- [PATCH 15/19] Avoid using magic numbers as exit statuses., James Youngman, 2010/04/02
- [PATCH 16/19] Use set_program_name() to remember the programs' names., James Youngman, 2010/04/02
- [PATCH 17/19] Don't include quote.h/quotearg.h where it is not used., James Youngman, 2010/04/02