From: Jeesun Kim <iamjs.kim@samsung.com>
Date: Thu, 14 Sep 2017 07:29:36 +0000 (+0900)
Subject: fix security svace issue
X-Git-Tag: accepted/tizen/unified/20170918.152844
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Ftags%2Faccepted%2Ftizen%2Funified%2F20170918.152844;p=platform%2Fcore%2Fpim%2Fcalendar-service.git

fix security svace issue

Change-Id: I452dc065fdc86fae122b62f0e9c32fc56ef78127
---

diff --git a/server/db/cal_db_instance.c b/server/db/cal_db_instance.c
index 2f1d936..5f01ab2 100644
--- a/server/db/cal_db_instance.c
+++ b/server/db/cal_db_instance.c
@@ -1021,7 +1021,7 @@ static int _cal_db_instance_publish_yearly_wday(UCalendar *ucal, cal_event_s *ev
 					int nth = 0;
 					char wday[CAL_STR_SHORT_LEN32] = {0};
 
-					sscanf(t[j], "%d%s", &nth, wday); /* -3SU, +2SA */
+					sscanf(t[j], "%d%2s", &nth, wday); /* -3SU, +2SA */
 					DBG("nth(%d) wday[%s]", nth, wday);
 					int wday_int = __convert_wday_to_int(wday);
 
@@ -1361,7 +1361,7 @@ static int _cal_db_instance_publish_monthly_wday(UCalendar *ucal, cal_event_s *e
 				int nth = 0;
 				char wday[CAL_STR_SHORT_LEN32] = {0};
 
-				sscanf(t[i], "%d%s", &nth, wday); /* -3SU, +2SA */
+				sscanf(t[i], "%d%2s", &nth, wday); /* -3SU, +2SA */
 				DBG("nth(%d) wday[%s]", nth, wday);
 				int wday_int = __convert_wday_to_int(wday);