On 01/22/2014 12:05 PM, John Ferlan wrote:
> A new version of Coverity found a number of issues:
>
> @@ -1415,7 +1418,7 @@ static int parse_ip_address(const char *id,
> if (strstr(id, "[") != NULL) {
> /* its an ipv6 address */
> ret = sscanf(id, "%a[^]]]:%as", &tmp_ip, &tmp_port);
Unrelated to your cleanups, but also a problem: This use of sscanf is
non-portable, and very likely to crash on non-glibc. %a in C99 means to
scan a floating point number (similar to %f), which is _very different_
from glibc's older meaning of malloc'ing into the destination. %m is
the preferred spelling for the intent of the code here.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list