
On 01/22/2014 02:21 PM, Eric Blake wrote:
On 01/22/2014 12:05 PM, John Ferlan wrote:
A new version of Coverity found a number of issues:
@@ -1415,7 +1418,7 @@ static int parse_ip_address(const char *id, if (strstr(id, "[") != NULL) { /* its an ipv6 address */ ret = sscanf(id, "%a[^]]]:%as", &tmp_ip, &tmp_port);
Unrelated to your cleanups, but also a problem: This use of sscanf is non-portable, and very likely to crash on non-glibc. %a in C99 means to scan a floating point number (similar to %f), which is _very different_ from glibc's older meaning of malloc'ing into the destination. %m is the preferred spelling for the intent of the code here.
If you have seen my 0/6 update - I sent to the wrong list. As for the portability - suffice to say the libvirt-cim code is nowhere near as clean as libvirt (and friends). It's code that doesn't see a lot of change... Thanks for the heads up though - I will follow up there with a change to use %m rather than %a. I read the man page and did wonder how/why %a was used, but didn't dig into when the code was added. John