gEDA-dev: sscanf: check the read number of variables

[Werner Hoch <werner_dot_ho-at-NOSPAMgmx_dot_de>]

Hi there,

the current file format reading functions currently don't check the 
return value of sscanf.
(e.g. in o_circle_read(), o_net_read(), ..)

Should we add a check to prevent gschem from reading garbage files?

code example:
------
#include <string.h>
#include <stdio.h>

int main()
{
  int scan_count;
  int d1, d2, d3, d4, d5, d6, d7, d8;

  scan_count = sscanf("1 2 3 4 bb bb", " %d %d %d %d %d %d %d",
                      &d1, &d2, &d3, &d4, &d5, &d6, &d7);

  printf("scan_count=%d d1=%d, d2=%d, d3=%d, d4=%d, d5=%d, d6=%d, 
d7=%d\n",
         scan_count, d1, d2, d3, d4, d5, d6, d7);
  
  return 0;
}
---------

produces the output:
----
werner@linux-m82i:~/oss/geda/gaf> ./a.out
scan_count=4 d1=1, d2=2, d3=3, d4=4, d5=0, d6=4195872, d7=32732
-----

All variables that don't get an propriate value from the buffer string 
of sscanf will have a random value after sscanf.

We could just check the return value of sscanf to make it less likely to 
read invalid files.

Comments?

Regards
Werner


_______________________________________________
geda-dev mailing list
geda-dev@moria.seul.org
http://www.seul.org/cgi-bin/mailman/listinfo/geda-dev