cvs commit: src/sbin/ifconfig ifconfig.c
Bruce Evans
bde at zeta.org.au
Sat Oct 25 23:07:02 PDT 2003
On Sat, 25 Oct 2003, Peter Wemm wrote:
> peter 2003/10/25 21:36:47 PDT
>
> FreeBSD src repository
>
> Modified files:
> sbin/ifconfig ifconfig.c
> Log:
> Give wider types to sscanf to fix two warnings (u_short cannot be > 0xffff)
> and to make sure that we catch oversized arguments rather than silently
> truncate them. I dont know if sscanf will reject an integer if it will
> not fit in the short return variable or not, but this way it should be
> detected.
>From n869.txt concerning fscanf():
%%%
condition is a matching failure. Unless assignment
suppression was indicated by a *, the result of the
conversion is placed in the object pointed to by the first
argument following the format argument that has not already
received a conversion result. If this object does not have
an appropriate type, or if the result of the conversion
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
cannot be represented in the object, the behavior is
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
undefined.
^^^^^^^^^
%%%
The other members of the scanf family and all members of the ato*()
family have the same behavior. In other words, these functions are
as useful as gets(3) (their existence is a bug). They can only be
used on data whose value (or length in the case of gets()) is known
to be small enough. This makes them unusable for their most popular
use of parsing command line args.
The actual undefined behavior in FreeBSD's fscanf() is to blindly
assign unrepresntable values. This normally results in errors being
silently ignored.
Bruce
More information about the cvs-src
mailing list