From 8e39cfefa47102e2a5a7812e0c9aa46ea01da18a Mon Sep 17 00:00:00 2001
From: chanywa
Date: Wed, 19 Apr 2017 11:08:20 +0900
Subject: [PATCH] Fixes vulnerable functions 'scanf'
Change-Id: I8c7042d563f5f38687497f160819ad835fe86f84
---
 test/location_test.c | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)
diff --git a/test/location_test.c b/test/location_test.c
index 8f02e76..1d884e5 100755
--- a/test/location_test.c
+++ b/test/location_test.c
@@ -441,6 +441,20 @@ static int test_set_mock_location(gpointer user_data)
 return FALSE;
 }
+static int scanf_safety(const char *format, ...)
+{
+ char line[256];
+ if (fgets(line, sizeof(line), stdin) == NULL)
+ return -1;
+
+ va_list args;
+ va_start(args, format);
+ int ret = vsscanf(line, format, args);
+ va_end(args);
+
+ return ret;
+}
+
 static void print_menu()
 {
 fprintf(stderr, "============= LOCATION TEST =============\n");
@@ -465,7 +479,7 @@ static void print_menu()
 fprintf(stderr, "[0] Exit!!!\n\n");
 fprintf(stderr, "Select menu: ");
- if (scanf("%d", &menu) < 0)
+ if (scanf_safety("%d", &menu) < 0)
 fprintf(stderr, "Can't read menu !!!\n");
 }
@@ -504,7 +518,7 @@ static int location_test()
 int timeout = 60;
 fprintf(stderr, "\n Input timeout ==> ");
- ret = scanf("%d", &timeout);
+ ret = scanf_safety("%d", &timeout);
 int method = menu - 4;
 ret = location_manager_create(method, &manager);
@@ -518,7 +532,7 @@ static int location_test()
 int interval = 1;
 fprintf(stderr, "\n Input position interval ==> ");
- ret = scanf("%d", &interval);
+ ret = scanf_safety("%d", &interval);
 if (interval > 120 || interval < 1) interval = 1;
@@ -549,7 +563,7 @@ static int location_test()
 int method = menu - 21;
 fprintf(stderr, "\n Input position interval ==> ");
- ret = scanf("%d", &interval);
+ ret = scanf_safety("%d", &interval);
 ret = location_manager_create(method, &manager);
 fprintf(stderr, "location_manager_create (method : %d)", method);
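Review bot: In the added scanf_safety(), an input line longer than the 255 bytes that fit in `line` is only partly consumed, so the remainder stays in stdin and is parsed as the answer to the next prompt; the helper should discard that tail whenever no newline was read. Two further gaps deserve a comment above the function: `%d` through vsscanf() still has undefined behaviour per the C standard when the typed number does not fit in an int (strtol() with an ERANGE check avoids that), and the helper returns 0, not a negative value, when the line holds no number. The fence assumes <string.h> is already included; vsscanf() and va_list also need <stdio.h> and <stdarg.h>, whose include lines are outside this hunk.

```c
	if (fgets(line, sizeof(line), stdin) == NULL)
		return -1;

	/* Drop the tail of an over-long line so it is not read as the next answer. */
	if (strchr(line, '\n') == NULL) {
		int c;

		while ((c = getchar()) != '\n' && c != EOF)
			;
	}

	/* … unchanged: va_start, vsscanf, va_end, return ret … */
```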
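Review bot: The `< 0` test in print_menu() catches a failed read or an empty line but not a non-numeric one, because scanf_safety() returns 0 when no conversion happened, and `menu` then keeps whatever value it held before. Checking the conversion count instead, `if (scanf_safety("%d", &menu) != 1)`, reports bad input as well. Resetting `menu` in that branch to a value that selects no action would stop a stale choice from being acted on, assuming `menu` persists between calls (its declaration is not in the hunk). print_menu() starts above this hunk.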
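Review bot: The value stored by `ret = scanf_safety("%d", &timeout);` is overwritten by the next assignment, `ret = location_manager_create(method, &manager);`, so a failed or non-numeric read goes unnoticed and the default is used silently; the same pattern is in the hunks at -549, -567 (both reads) and -588. Testing the count at each site, e.g. `if (scanf_safety("%d", &timeout) != 1) fprintf(stderr, "Invalid input, using default\n");`, would make that visible. The hunk at -518 clamps `interval` to 1..120 after reading; whether `timeout` and the other values are range-checked before use cannot be seen from these hunks. location_test() starts and ends outside the hunk.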
@@ -567,11 +581,11 @@ static int location_test()
 case 31: {
 int interval = 1;
 fprintf(stderr, "\n Input batch interval ==> ");
- ret = scanf("%d", &interval);
+ ret = scanf_safety("%d", &interval);
 int period = 60;
 fprintf(stderr, " Input batch period ==> ");
- ret = scanf("%d", &period);
+ ret = scanf_safety("%d", &period);
 ret = location_manager_create(LOCATIONS_METHOD_GPS, &manager);
 fprintf(stderr, "location_manager_create (method : %d)\n", LOCATIONS_METHOD_GPS);
@@ -588,7 +602,7 @@ static int location_test()
 int onoff = 1;
 fprintf(stderr, "\n Mock Location (ON: 1 or OFF: 0) Input ==> ");
- ret = scanf("%d", &onoff);
+ ret = scanf_safety("%d", &onoff);
 ret = location_manager_enable_mock_location(onoff);
 fprintf(stderr, "Enabling mock test: ret=%d\n", ret);
@@ -637,7 +651,7 @@ static int location_test()
 int onoff = 1;
 fprintf(stderr, "\n Input ON: 1 or OFF: 0 ==> ");
- ret = scanf("%d", &onoff);
+ ret = scanf_safety("%d", &onoff);
 if (onoff == 0 || onoff == 1) {
 ret = enable_method(method, onoff);
--
2.7.4
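Review bot: In the hunk at -588, `onoff` is passed to `location_manager_enable_mock_location(onoff)` exactly as typed, while the last hunk (-637) accepts only 0 or 1 before calling `enable_method()`. Applying the same guard here, `if (onoff == 0 || onoff == 1)` around the call, keeps the two prompts consistent and avoids handing an arbitrary integer to the API. The enclosing block of location_test() starts and ends outside the hunk.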