changeset 33373:2399268f5167

check return value from sscanf * lex.ll, __magick_read__.cc: Check the return value in all uses of sscanf and throw an error if the expected number of conversions is not performed.
author John W. Eaton <jwe@octave.org>
date Thu, 11 Apr 2024 08:44:23 -0400
parents e04e556d836c
children f2314b4a9b1a
files libinterp/corefcn/__magick_read__.cc libinterp/parse-tree/lex.ll
diffstat 2 files changed, 16 insertions(+), 17 deletions(-) [+]
--- a/libinterp/corefcn/__magick_read__.cc	Wed Apr 10 17:42:39 2024 +0200
+++ b/libinterp/corefcn/__magick_read__.cc	Thu Apr 11 08:44:23 2024 -0400
@@ -1876,7 +1876,9 @@
       octave_idx_type n = 0;
       while (std::getline (sstream, sub, char (',')))
         {
-          sscanf (sub.c_str (), "%f", &number);
+          if (sscanf (sub.c_str (), "%f", &number) != 1)
+            error ("fill_exif_ints: failed to read EXIF value as float");
+
           values(n++) = number;
         }
       map.setfield (key, octave_value (values));
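Review bot: The new `!= 1` test on the `sscanf (sub.c_str (), "%f", &number)` line only proves that a numeric prefix was converted, so a token with trailing characters after the number is still accepted and stored in `values`. The EXIF attribute comes from the image file, so it should be treated as untrusted input. The C standard also leaves `%f` undefined when the value does not fit in the target type. If strict parsing is wanted, the consumed length can be checked as well, for example `int pos = 0;` followed by `if (sscanf (sub.c_str (), "%f%n", &number, &pos) != 1 || sub[pos] != '\0')`, or the conversion can be done with `strtof` and an end pointer. The enclosing function starts and ends outside this hunk.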
@@ -1900,7 +1902,9 @@
       octave_idx_type n = 0;
       while (std::getline (sstream, sub, ','))
         {
-          sscanf (sub.c_str (), "%i/%i", &numerator, &denominator);
+          if (sscanf (sub.c_str (), "%i/%i", &numerator, &denominator) != 2)
+            error ("fill_exif_floats: failed to read EXIF numerator/demoninator pair");
+
           values(n++) = double (numerator) / double (denominator);
         }
       map.setfield (key, octave_value (values));
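Review bot: A denominator of zero passes the new `!= 2` check, and `double (numerator) / double (denominator)` then stores Inf or NaN in `values` from file-controlled EXIF data. If that is the intended result for such rationals, a short comment saying so would help; otherwise add `|| denominator == 0` to the condition. The new message also misspells the word: `"demoninator"` should be `"denominator"`. Separately, `%i` auto-detects the base, so a field with a leading `0` or `0x` is read as octal or hex; `"%d/%d"` would keep the values decimal if that is what EXIF rationals are expected to be here.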
--- a/libinterp/parse-tree/lex.ll	Wed Apr 10 17:42:39 2024 +0200
+++ b/libinterp/parse-tree/lex.ll	Thu Apr 11 08:44:23 2024 -0400
@@ -1005,7 +1005,8 @@
     curr_lexer->update_token_positions (yyleng);
 
     unsigned int result;
-    sscanf (yytext+1, "%o", &result);
+    if (sscanf (yytext+1, "%o", &result) != 1)
+      curr_lexer->fatal_error ("scanf failed in lexer rule <DQ_STRING_START>\\\\[0-7]{1,3} - please report this bug");
 
     if (result > 0xff)
       {
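Review bot: `result` is still declared without an initializer, so `if (result > 0xff)` reads an indeterminate value should `curr_lexer->fatal_error (...)` ever return. Its definition is not visible in this diff, so this may be unreachable today. Writing `unsigned int result = 0;` makes the rule safe regardless of how `fatal_error` behaves. The same applies to `unsigned int result;` in the `\\x[0-9a-fA-F]+` rule and to `uintmax_t long_int_val;` in `handle_number<16>`, whereas `handle_number<10>` already uses `double value = 0.0;`. The rule body continues past the end of this hunk.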
@@ -1023,7 +1024,8 @@
     curr_lexer->m_filepos.increment_column (yyleng);
 
     unsigned int result;
-    sscanf (yytext+2, "%x", &result);
+    if (sscanf (yytext+2, "%x", &result) != 1)
+      curr_lexer->fatal_error ("scanf failed in lexer rule <DQ_STRING_START>\\\\x[0-9a-fA-F]+ - please report this bug");
 
     // Truncate the value silently instead of checking the range like
     // we do for octal above.  This is to match C/C++ where any number
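Review bot: The added return-value check on `sscanf (yytext+2, "%x", &result)` does not cover overflow, and the rule named in the message matches `[0-9a-fA-F]+` with no upper bound on the digit count. For a converted value that does not fit in `unsigned int`, the C standard leaves the `sscanf` result undefined, so the "truncate silently" behaviour described in the comment below relies on what the C library happens to do. `strtoul (yytext+2, nullptr, 16)` has defined out-of-range behaviour (it returns `ULONG_MAX` and sets `errno` to `ERANGE`), and the truncation to one byte could then be done explicitly. The `%jx` conversion in `handle_number<16>` has the same property unless the `syntax_error` branch above it already bounds the number of digits, which this diff does not show.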
@@ -3112,10 +3114,8 @@
     *p = '\0';
 
     double value = 0.0;
-    int nread = sscanf (tmptxt, "%lf", &value);
-
-    if (nread != 1)
-      error ("unexpected: nread != 1 in base_lexer::handle_number<10> - please report this bug");
+    if (sscanf (tmptxt, "%lf", &value) != 1)
+      fatal_error ("scanf failed in base_lexer::handle_number<10> - please report this bug");
 
     octave_value ov_value;
 
@@ -3220,16 +3220,11 @@
         return syntax_error (msg);
       }
 
-    // If yytext doesn't contain a valid number, we are in deep doo doo.
-
     uintmax_t long_int_val;
-    int status = sscanf (yytxt.c_str (), "%jx", &long_int_val);
-
-    if (status == 0)
-      error ("unexpected: sscanf failed in base_lexer::handle_number<16> - please report this bug");
-
-    octave_value ov_value
-      = make_integer_value (long_int_val, unsigned_val, bytes);
+    if (sscanf (yytxt.c_str (), "%jx", &long_int_val) != 1)
+      fatal_error ("sscanf failed in base_lexer::handle_number<16> - please report this bug");
+
+    octave_value ov_value = make_integer_value (long_int_val, unsigned_val, bytes);
 
     m_looking_for_object_index = false;
     m_at_beginning_of_statement = false;