Merge lp:~charlesk/indicator-datetime/fix-943747 into lp:indicator-datetime/0.4

Proposed by Charles Kerr
Status: Merged
Approved by: Ted Gould
Approved revision: 157
Merge reported by: Charles Kerr
Merged at revision: not available
Proposed branch: lp:~charlesk/indicator-datetime/fix-943747
Merge into: lp:indicator-datetime/0.4
Diff against target: 27 lines (+3/-0)
1 file modified
src/datetime-prefs.c (+3/-0)
To merge this branch: bzr merge lp:~charlesk/indicator-datetime/fix-943747
Reviewer: Ted Gould (community), Status: Approve
Review via email: mp+95767@code.launchpad.net

Description of the change

The Coverity warning about sscanf() seems to be that humans need to verify that there won't be a buffer overrun from scanning into a char array. I've done so and added comments to Coverity to silence the warning.

I'm not 100% sure about the use of /* coverity[secure_coding] */ but it appears this is how other projects, such as libinktomi++, do it.

Ted Gould (ted) wrote :

On Sun, 2012-03-04 at 01:00 +0000, charles wrote:
> I'm not 100% sure about the use of /* coverity[secure_coding] */ but
> it appears this is how other projects, such as libinktomi++, do it.

Me neither, let's try it.

  review approve
  status approved

review: Approve
Charles Kerr (charlesk) wrote :

Allan reports that it works :)

Preview Diff

1=== modified file 'src/datetime-prefs.c'
2--- src/datetime-prefs.c 2012-03-02 03:15:35 +0000
3+++ src/datetime-prefs.c 2012-03-04 00:59:18 +0000
4@@ -405,6 +405,7 @@
5 if (is_locale_12h ()) { // TODO: make this look-at/watch gsettings?
6 char ampm[51];
7
8+ /* coverity[secure_coding] */
9 scanned = sscanf (text, "%u:%u:%u %50s", &hour_in, &minute_in, &second_in, ampm);
10 passed = (scanned == 4);
11
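Review bot: the annotation above the 12-hour sscanf() call does not record why the call is safe. The bound holds only because the %50s width is one less than the size of char ampm[51]; state that in the comment, or derive both from one constant, so a later change to the array size cannot reintroduce an overrun while the warning stays suppressed.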
12@@ -415,6 +416,7 @@
13 }
14 }
15 } else {
16+ /* coverity[secure_coding] */
17 scanned = sscanf (text, "%u:%u:%u", &hour_in, &minute_in, &second_in);
18 passed = (scanned == 3);
19 }
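Review bot: in the else branch the annotated sscanf() uses only %u conversions, so there is no char buffer to overrun, and the comment should say so instead of carrying a bare annotation. Separately, as far as this hunk shows, passed = (scanned == 3) only counts conversions, so text following the seconds field is not detected; if trailing input should be rejected, add a %n conversion and check that it reached the end of text.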
20@@ -433,6 +435,7 @@
21 else {
22 gint year_in, month_in, day_in;
23
24+ /* coverity[secure_coding] */
25 scanned = sscanf (text, "%u-%u-%u", &year_in, &month_in, &day_in);
26
27 if (scanned != 3 || year_in < 1 || year_in > 9999 ||
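Review bot: year_in, month_in and day_in are declared gint, but the format string "%u-%u-%u" stores through unsigned int pointers, so the conversion specifiers do not match the argument types. Either declare the three variables guint or scan with %d so the types agree, and note in the comment that this call has no string conversion and therefore no buffer to overrun.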
