On Wed, Apr 23, 2014 at 12:05:57PM +0300, Dan Carpenter wrote: > On Wed, Apr 23, 2014 at 04:49:26PM +0800, Michalis Pappas wrote: > > Hi Dan, thanks for looking at this. From the above snippet I realize > > that I wasn't aware of the strict flag, so significantly less errors > > were produced. > > > > The issues I was referring to as pedantic are: > > > > WARNING: unchecked sscanf return value > > #296: FILE: gdm_wimax.c:296: > > + sscanf(e->dev->name, "wm%d", &idx); > > > > does this really need to be checked? > > Just check it. The code as is looks like a information leak (security > vulnerability) until you realize that e->dev->name is probably a known, > trusted string. Btw, we saw a "fix" for this earlier which just printed an error message. Don't do that. Assume that static checkers will soon start complaining about the info leak instead of just looking at sscanf(). regards, dan carpenter _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
