The Date and Time Indicator

Coverity SECURE_CODING - CID 10695

Reported by Product Strategy Coverity Bug Uploader on 2012-03-01
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Indicator Date and Time
Low
Charles Kerr
0.3
Undecided
Unassigned

Bug Description

This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
CID: 10695
Checker: SECURE_CODING
Category: No category available
CWE definition: http://cwe.mitre.org/data/definitions/676.html
File: /tmp/buildd/indicator-datetime-0.3.90/src/datetime-prefs.c
Function: input_time_text()
Code snippet:
404
405 if (is_locale_12h ()) { // TODO: make this look-at/watch gsettings?
406 char ampm[51];
407
CID 10695 - SECURE_CODING
[VERY RISKY]. Using "sscanf" can cause a buffer overflow when done incorrectly. sscanf() assumes an arbitrarily large string, so callers must use correct precision specifiers or never use sscanf(). Use correct precision specifiers or do your own parsing.
408 scanned = sscanf (text, "%u:%u:%u %50s", &hour_in, &minute_in, &second_in, ampm);
409 passed = (scanned == 4);
410
411 if (passed) {
412 const char *pm_str = nl_langinfo (PM_STR);
413 if (g_ascii_strcasecmp (pm_str, ampm) == 0) {

Charles Kerr (charlesk) on 2012-03-04
Changed in indicator-datetime:
importance: Medium → Low
status: New → In Progress
assignee: nobody → charles (charlesk)
Charles Kerr (charlesk) wrote :
Changed in indicator-datetime:
status: In Progress → Fix Committed
Ted Gould (ted) on 2012-03-08
Changed in indicator-datetime:
milestone: none → 0.3.91
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers