Change sscanf to strtol function for the secure coding

author DoHyun Pyun <dh79.pyun@samsung.com>

Mon, 17 Apr 2017 08:37:21 +0000 (17:37 +0900)

committer DoHyun Pyun <dh79.pyun@samsung.com>

Fri, 28 Apr 2017 00:36:16 +0000 (09:36 +0900)
author DoHyun Pyun <dh79.pyun@samsung.com>
Mon, 17 Apr 2017 08:37:21 +0000 (17:37 +0900)
committer DoHyun Pyun <dh79.pyun@samsung.com>
Fri, 28 Apr 2017 00:36:16 +0000 (09:36 +0900)
diff --git a/bt-httpproxy/bt-httpproxy.c b/bt-httpproxy/bt-httpproxy.c

index c322e9c..fa3647a 100644 (file)
--- a/bt-httpproxy/bt-httpproxy.c
+++ b/bt-httpproxy/bt-httpproxy.c
@@ -96,18 +96,17 @@ static void _bt_hps_set_char_value(const char *obj_path, const char* value, int
  
  static void _hps_convert_address_to_hex(bluetooth_device_address_t *addr_hex, const char *addr_str)
  {
-       int i = 0;
-       unsigned int addr[BLUETOOTH_ADDRESS_LENGTH] = { 0, };
+       char *ptr1, *ptr2, *ptr3, *ptr4, *ptr5;
  
         if (addr_str == NULL || addr_str[0] == '\0')
                 return;
  
-       i = sscanf(addr_str, "%X:%X:%X:%X:%X:%X", &addr[0], &addr[1], &addr[2], &addr[3], &addr[4], &addr[5]);
-       if (i != BLUETOOTH_ADDRESS_LENGTH)
-               BT_ERR("Invalid format string - [%s]", addr_str);
-
-       for (i = 0; i < BLUETOOTH_ADDRESS_LENGTH; i++)
-               addr_hex->addr[i] = (unsigned char)addr[i];
+       addr_hex->addr[0] = strtol(addr_str, &ptr5, 16);
+       addr_hex->addr[1] = strtol(ptr5 + 1, &ptr4, 16);
+       addr_hex->addr[2] = strtol(ptr4 + 1, &ptr3, 16);
+       addr_hex->addr[3] = strtol(ptr3 + 1, &ptr2, 16);
+       addr_hex->addr[4] = strtol(ptr2 + 1, &ptr1, 16);
+       addr_hex->addr[5] = strtol(ptr1 + 1, NULL, 16);
  }
  
  static char *__hps_convert_uuid_to_uuid128(const char *uuid)
author	DoHyun Pyun <dh79.pyun@samsung.com>
	Mon, 17 Apr 2017 08:37:21 +0000 (17:37 +0900)
committer	DoHyun Pyun <dh79.pyun@samsung.com>
	Fri, 28 Apr 2017 00:36:16 +0000 (09:36 +0900)