Re: [libvirt] [PATCH 1/6] VSMS: Coverity cleanups
On 01/22/2014 02:21 PM, Eric Blake wrote:
On 01/22/2014 12:05 PM, John Ferlan wrote:
> A new version of Coverity found a number of issues:
>
> @@ -1415,7 +1418,7 @@ static int parse_ip_address(const char *id,
> if (strstr(id, "[") != NULL) {
> /* its an ipv6 address */
> ret = sscanf(id, "%a[^]]]:%as", &tmp_ip,
&tmp_port);
Unrelated to your cleanups, but also a problem: This use of sscanf is
non-portable, and very likely to crash on non-glibc. %a in C99 means to
scan a floating point number (similar to %f), which is _very different_
from glibc's older meaning of malloc'ing into the destination. %m is
the preferred spelling for the intent of the code here.
If you have seen my 0/6 update - I sent to the wrong list.
As for the portability - suffice to say the libvirt-cim code is nowhere
near as clean as libvirt (and friends). It's code that doesn't see a lot
of change...
Thanks for the heads up though - I will follow up there with a change to
use %m rather than %a. I read the man page and did wonder how/why %a
was used, but didn't dig into when the code was added.
John