Index: pbx/pbx_config.c =================================================================== --- pbx/pbx_config.c (revision 211538) +++ pbx/pbx_config.c (revision 211539) @@ -946,7 +946,7 @@ if (!strcmp(prior, "hint")) { iprior = PRIORITY_HINT; } else { - if (sscanf(prior, "%d", &iprior) != 1) { + if (sscanf(prior, "%30d", &iprior) != 1) { ast_cli(a->fd, "'%s' is not a valid priority\n", prior); prior = NULL; } @@ -1485,7 +1485,7 @@ } else { ast_log(LOG_WARNING, "Can't use 'same' priority on the first entry!\n"); } - } else if (sscanf(pri, "%d", &ipri) != 1 && + } else if (sscanf(pri, "%30d", &ipri) != 1 && (ipri = ast_findlabel_extension2(NULL, con, realext, pri, cidmatch)) < 1) { ast_log(LOG_WARNING, "Invalid priority/label '%s' at line %d\n", pri, v->lineno); ipri = 0; @@ -1638,9 +1638,9 @@ c = dahdicopy; chan = strsep(&c, ","); while (chan) { - if (sscanf(chan, "%d-%d", &start, &finish) == 2) { + if (sscanf(chan, "%30d-%30d", &start, &finish) == 2) { /* Range */ - } else if (sscanf(chan, "%d", &start)) { + } else if (sscanf(chan, "%30d", &start)) { /* Just one */ finish = start; } else { Index: pbx/pbx_loopback.c =================================================================== --- pbx/pbx_loopback.c (revision 211538) +++ pbx/pbx_loopback.c (revision 211539) @@ -120,7 +120,7 @@ if (!ast_strlen_zero(con)) *newcontext = con; if (!ast_strlen_zero(pri)) - sscanf(pri, "%d", priority); + sscanf(pri, "%30d", priority); } static int loopback_exists(struct ast_channel *chan, const char *context, const char *exten, int priority, const char *callerid, const char *data) Index: pbx/pbx_spool.c =================================================================== --- pbx/pbx_spool.c (revision 211538) +++ pbx/pbx_spool.c (revision 211539) @@ -172,7 +172,7 @@ } else if (!strcasecmp(buf, "data")) { ast_string_field_set(o, data, c); } else if (!strcasecmp(buf, "maxretries")) { - if (sscanf(c, "%d", &o->maxretries) != 1) { + if (sscanf(c, "%30d", &o->maxretries) != 1) { ast_log(LOG_WARNING, "Invalid max retries at line %d of %s\n", lineno, fn); o->maxretries = 0; } @@ -183,24 +183,24 @@ } else if (!strcasecmp(buf, "extension")) { ast_string_field_set(o, exten, c); } else if (!strcasecmp(buf, "priority")) { - if ((sscanf(c, "%d", &o->priority) != 1) || (o->priority < 1)) { + if ((sscanf(c, "%30d", &o->priority) != 1) || (o->priority < 1)) { ast_log(LOG_WARNING, "Invalid priority at line %d of %s\n", lineno, fn); o->priority = 1; } } else if (!strcasecmp(buf, "retrytime")) { - if ((sscanf(c, "%d", &o->retrytime) != 1) || (o->retrytime < 1)) { + if ((sscanf(c, "%30d", &o->retrytime) != 1) || (o->retrytime < 1)) { ast_log(LOG_WARNING, "Invalid retrytime at line %d of %s\n", lineno, fn); o->retrytime = 300; } } else if (!strcasecmp(buf, "waittime")) { - if ((sscanf(c, "%d", &o->waittime) != 1) || (o->waittime < 1)) { + if ((sscanf(c, "%30d", &o->waittime) != 1) || (o->waittime < 1)) { ast_log(LOG_WARNING, "Invalid waittime at line %d of %s\n", lineno, fn); o->waittime = 45; } } else if (!strcasecmp(buf, "retry")) { o->retries++; } else if (!strcasecmp(buf, "startretry")) { - if (sscanf(c, "%ld", &o->callingpid) != 1) { + if (sscanf(c, "%30ld", &o->callingpid) != 1) { ast_log(LOG_WARNING, "Unable to retrieve calling PID!\n"); o->callingpid = 0; } Index: pbx/pbx_dundi.c =================================================================== --- pbx/pbx_dundi.c (revision 211538) +++ pbx/pbx_dundi.c (revision 211539) @@ -475,7 +475,7 @@ buf[0] = 0; if (map->weightstr) { pbx_substitute_variables_helper(NULL, map->weightstr, buf, sizeof(buf) - 1); - if (sscanf(buf, "%d", &map->_weight) != 1) + if (sscanf(buf, "%30d", &map->_weight) != 1) map->_weight = MAX_WEIGHT; } @@ -1088,7 +1088,7 @@ if (expiration > 0) { ast_debug(1, "Found cache expiring in %d seconds!\n", expiration); ptr += length + 1; - while((sscanf(ptr, "%d/%d/%d/%n", &(flags.flags), &weight, &tech, &length) == 3)) { + while((sscanf(ptr, "%30d/%30d/%30d/%n", &(flags.flags), &weight, &tech, &length) == 3)) { ptr += length; term = strchr(ptr, '|'); if (term) { @@ -4036,7 +4036,7 @@ goto finish; } - if (sscanf(args.resultnum, "%u", &num) != 1) { + if (sscanf(args.resultnum, "%30u", &num) != 1) { ast_log(LOG_ERROR, "Invalid value '%s' for resultnum to DUNDIRESULT!\n", args.resultnum); goto finish; @@ -4200,7 +4200,7 @@ } else if (x >= 4) { ast_copy_string(map->dcontext, name, sizeof(map->dcontext)); ast_copy_string(map->lcontext, fields[0], sizeof(map->lcontext)); - if ((sscanf(fields[1], "%d", &map->_weight) == 1) && (map->_weight >= 0) && (map->_weight <= MAX_WEIGHT)) { + if ((sscanf(fields[1], "%30d", &map->_weight) == 1) && (map->_weight >= 0) && (map->_weight <= MAX_WEIGHT)) { ast_copy_string(map->dest, fields[3], sizeof(map->dest)); if ((map->tech = str2tech(fields[2]))) map->dead = 0; @@ -4302,7 +4302,7 @@ if (c) { *c = '\0'; c++; - if (sscanf(c, "%d:%d", &port, &expire) == 2) { + if (sscanf(c, "%5d:%30d", &port, &expire) == 2) { /* Got it! */ inet_aton(data, &peer->addr.sin_addr); peer->addr.sin_family = AF_INET; @@ -4399,7 +4399,7 @@ peer->maxms = 0; } else if (!strcasecmp(v->value, "yes")) { peer->maxms = DEFAULT_MAXMS; - } else if (sscanf(v->value, "%d", &peer->maxms) != 1) { + } else if (sscanf(v->value, "%30d", &peer->maxms) != 1) { ast_log(LOG_WARNING, "Qualification of peer '%s' should be 'yes', 'no', or a number of milliseconds at line %d of dundi.conf\n", ast_eid_to_str(eid_str, sizeof(eid_str), &peer->eid), v->lineno); peer->maxms = 0; @@ -4637,14 +4637,14 @@ } else if (!strcasecmp(v->name, "authdebug")) { authdebug = ast_true(v->value); } else if (!strcasecmp(v->name, "ttl")) { - if ((sscanf(v->value, "%d", &x) == 1) && (x > 0) && (x < DUNDI_DEFAULT_TTL)) { + if ((sscanf(v->value, "%30d", &x) == 1) && (x > 0) && (x < DUNDI_DEFAULT_TTL)) { dundi_ttl = x; } else { ast_log(LOG_WARNING, "'%s' is not a valid TTL at line %d, must be number from 1 to %d\n", v->value, v->lineno, DUNDI_DEFAULT_TTL); } } else if (!strcasecmp(v->name, "autokill")) { - if (sscanf(v->value, "%d", &x) == 1) { + if (sscanf(v->value, "%30d", &x) == 1) { if (x >= 0) global_autokilltimeout = x; else @@ -4679,7 +4679,7 @@ } else if (!strcasecmp(v->name, "storehistory")) { global_storehistory = ast_true(v->value); } else if (!strcasecmp(v->name, "cachetime")) { - if ((sscanf(v->value, "%d", &x) == 1)) { + if ((sscanf(v->value, "%30d", &x) == 1)) { dundi_cache_time = x; } else { ast_log(LOG_WARNING, "'%s' is not a valid cache time at line %d. Using default value '%d'.\n", Index: channels/misdn_config.c =================================================================== --- channels/misdn_config.c (revision 211538) +++ channels/misdn_config.c (revision 211539) @@ -922,9 +922,9 @@ int res; if (strchr(value,'x')) { - res = sscanf(value, "%x", &tmp); + res = sscanf(value, "%30x", &tmp); } else { - res = sscanf(value, "%d", &tmp); + res = sscanf(value, "%30d", &tmp); } if (res) { dest->num = ast_malloc(sizeof(int)); @@ -939,7 +939,7 @@ break; case MISDN_CTYPE_BOOLINT: dest->num = ast_malloc(sizeof(int)); - if (sscanf(value, "%d", &tmp)) { + if (sscanf(value, "%30d", &tmp)) { memcpy(dest->num, &tmp, sizeof(int)); } else { *(dest->num) = (ast_true(value) ? boolint_def : 0); @@ -1008,7 +1008,7 @@ for (token = strsep(&tmp, ","); token; token = strsep(&tmp, ","), *ptpbuf = 0) { if (!*token) continue; - if (sscanf(token, "%d-%d%s", &start, &end, ptpbuf) >= 2) { + if (sscanf(token, "%30d-%30d%511s", &start, &end, ptpbuf) >= 2) { for (; start <= end; start++) { if (start <= max_ports && start > 0) { cfg_for_ports[start] = 1; @@ -1017,7 +1017,7 @@ CLI_ERROR(v->name, v->value, cat); } } else { - if (sscanf(token, "%d%s", &start, ptpbuf)) { + if (sscanf(token, "%30d%511s", &start, ptpbuf)) { if (start <= max_ports && start > 0) { cfg_for_ports[start] = 1; ptp[start] = (strstr(ptpbuf, "ptp")) ? 1 : 0; Index: channels/chan_usbradio.c =================================================================== --- channels/chan_usbradio.c (revision 211538) +++ channels/chan_usbradio.c (revision 211539) @@ -351,8 +351,8 @@ #define DEV_DSP "/dev/dsp" #endif -static char *config = "usbradio.conf"; /* default config file */ -static char *config1 = "usbradio_tune_%s.conf"; /* tune config file */ +static const char *config = "usbradio.conf"; /* default config file */ +#define config1 "usbradio_tune_%s.conf" /* tune config file */ static FILE *frxcapraw = NULL, *frxcaptrace = NULL, *frxoutraw = NULL; static FILE *ftxcapraw = NULL, *ftxcaptrace = NULL, *ftxoutraw = NULL; @@ -1642,7 +1642,7 @@ /* print received messages */ if(o->debuglevel)ast_verbose(" << Console Received usbradio text %s >> \n", text); - cnt=sscanf(text,"%s %s %s %s %s %c",cmd,rxs,txs,rxpl,txpl,&pwr); + cnt = sscanf(text, "%300s %15s %15s %15s %15s %1c", cmd, rxs, txs, rxpl, txpl, &pwr); if (strcmp(cmd,"SETCHAN")==0) { @@ -2812,7 +2812,7 @@ static void store_rxgain(struct chan_usbradio_pvt *o, char *s) { float f; - sscanf(s,"%f",&f); + sscanf(s, "%30f", &f); o->rxgain = f; //ast_log(LOG_WARNING, "set rxgain = %f\n", f); } @@ -2821,7 +2821,7 @@ static void store_rxvoiceadj(struct chan_usbradio_pvt *o, char *s) { float f; - sscanf(s,"%f",&f); + sscanf(s, "%30f", &f); o->rxvoiceadj = f; //ast_log(LOG_WARNING, "set rxvoiceadj = %f\n", f); } @@ -2830,7 +2830,7 @@ static void store_rxctcssadj(struct chan_usbradio_pvt *o, char *s) { float f; - sscanf(s,"%f",&f); + sscanf(s, "%30f", &f); o->rxctcssadj = f; //ast_log(LOG_WARNING, "set rxctcssadj = %f\n", f); } @@ -3815,6 +3815,8 @@ static char *handle_console_key(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) { + char *argv[] = { "radio", "key", NULL }; + switch (cmd) { case CLI_INIT: e->command = "radio key"; @@ -3823,12 +3825,13 @@ case CLI_GENERATE: return NULL; } - return res2cli(console_key(a->fd,a->argc,a->argv)); + return res2cli(console_key(a->fd, 2, argv)); } static char *handle_console_unkey(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) { + char *argv[] = { "radio", "unkey", NULL }; switch (cmd) { case CLI_INIT: e->command = "radio unkey"; @@ -3837,12 +3840,13 @@ case CLI_GENERATE: return NULL; } - return res2cli(console_unkey(a->fd,a->argc,a->argv)); + return res2cli(console_unkey(a->fd, 2, argv)); } static char *handle_radio_tune(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) { + char *argv[5] = { "radio", "tune", a->argc > 2 ? (char *) a->argv[2] : NULL, a->argc > 3 ? (char *) a->argv[3] : NULL }; switch (cmd) { case CLI_INIT: e->command = "radio tune"; @@ -3851,7 +3855,7 @@ case CLI_GENERATE: return NULL; } - return res2cli(radio_tune(a->fd,a->argc,a->argv)); + return res2cli(radio_tune(a->fd, a->argc, argv)); } static char *handle_radio_debug(struct ast_cli_entry *e, @@ -3865,7 +3869,7 @@ case CLI_GENERATE: return NULL; } - return res2cli(radio_set_debug(a->fd,a->argc,a->argv)); + return res2cli(radio_set_debug(a->fd, a->argc, NULL /* ignored */)); } static char *handle_radio_debug_off(struct ast_cli_entry *e, @@ -3879,12 +3883,13 @@ case CLI_GENERATE: return NULL; } - return res2cli(radio_set_debug_off(a->fd,a->argc,a->argv)); + return res2cli(radio_set_debug_off(a->fd, a->argc, NULL /* ignored */)); } static char *handle_radio_active(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) { + char *argv[4] = { "radio", "active", a->argc > 2 ? (char *) a->argv[2] : NULL, }; switch (cmd) { case CLI_INIT: e->command = "radio active"; @@ -3893,12 +3898,13 @@ case CLI_GENERATE: return NULL; } - return res2cli(radio_active(a->fd,a->argc,a->argv)); + return res2cli(radio_active(a->fd, a->argc, argv)); } static char *handle_set_xdebug(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) { + char *argv[5] = { "radio", "set", "xdebug", a->argc == 4 ? (char *) a->argv[3] : NULL, }; switch (cmd) { case CLI_INIT: e->command = "radio set xdebug"; @@ -3907,7 +3913,7 @@ case CLI_GENERATE: return NULL; } - return res2cli(radio_set_xpmr_debug(a->fd,a->argc,a->argv)); + return res2cli(radio_set_xpmr_debug(a->fd, a->argc, argv)); } Index: channels/chan_phone.c =================================================================== --- channels/chan_phone.c (revision 211538) +++ channels/chan_phone.c (revision 211539) @@ -1259,7 +1259,7 @@ float gain; /* try to scan number */ - if (sscanf(value, "%f", &gain) != 1) + if (sscanf(value, "%30f", &gain) != 1) { ast_log(LOG_ERROR, "Invalid %s value '%s' in '%s' config\n", value, gain_type, config); Index: channels/chan_dahdi.c =================================================================== --- channels/chan_dahdi.c (revision 211538) +++ channels/chan_dahdi.c (revision 211539) @@ -4658,7 +4658,7 @@ snprintf(db_chan_name, sizeof(db_chan_name), "%s/%d:%d", dahdi_db, pl->span, x); if (!ast_db_get(db_chan_name, SRVST_DBKEY, db_answer, sizeof(db_answer))) { - sscanf(db_answer, "%c:%d", &state, &why); + sscanf(db_answer, "%1c:%30d", &state, &why); } if (!why) { /* SRVST persistence is not required */ @@ -5658,7 +5658,7 @@ int res; char policy_str[21] = ""; - if ((res = sscanf(parse, "%d,%20s", num_buffers, policy_str)) != 2) { + if ((res = sscanf(parse, "%30d,%20s", num_buffers, policy_str)) != 2) { ast_log(LOG_WARNING, "Parsing buffer string '%s' failed.\n", parse); return 1; } @@ -10270,7 +10270,7 @@ unsigned int code1, code2, code3; int numvals; - numvals = sscanf(pcstring, "%d-%d-%d", &code1, &code2, &code3); + numvals = sscanf(pcstring, "%30d-%30d-%30d", &code1, &code2, &code3); if (numvals == 1) return code1; if (numvals == 3) @@ -11274,7 +11274,7 @@ stringp = dest + 1; s = strsep(&stringp, "/"); - if ((res = sscanf(s, "%d%c%d", &x, &opt, &y)) < 1) { + if ((res = sscanf(s, "%30d%1c%30d", &x, &opt, &y)) < 1) { ast_log(LOG_WARNING, "Unable to determine group for data %s\n", (char *)data); return NULL; } @@ -11309,7 +11309,7 @@ x = CHAN_PSEUDO; channelmatch = x; } - else if ((res = sscanf(s, "%d%c%d", &x, &opt, &y)) < 1) { + else if ((res = sscanf(s, "%30d%1c%30d", &x, &opt, &y)) < 1) { ast_log(LOG_WARNING, "Unable to determine channel for data %s\n", (char *)data); return NULL; } else { @@ -12640,7 +12640,7 @@ if (a->argc < 5 || a->argc > 6) return CLI_SHOWUSAGE; if ((c = strchr(a->argv[4], ':'))) { - if (sscanf(a->argv[4], "%d:%d", &trunkgroup, &channel) != 2) + if (sscanf(a->argv[4], "%30d:%30d", &trunkgroup, &channel) != 2) return CLI_SHOWUSAGE; if ((trunkgroup < 1) || (channel < 1)) return CLI_SHOWUSAGE; @@ -12685,7 +12685,7 @@ why = -1; snprintf(db_chan_name, sizeof(db_chan_name), "%s/%d:%d", dahdi_db, tmp->span, channel); if (!ast_db_get(db_chan_name, SRVST_DBKEY, db_answer, sizeof(db_answer))) { - sscanf(db_answer, "%c:%d", &state, &why); + sscanf(db_answer, "%1c:%30d", &state, &why); ast_db_del(db_chan_name, SRVST_DBKEY); } switch(changestatus) { @@ -14850,9 +14850,9 @@ c = ast_strdupa(value); while ((chan = strsep(&c, ","))) { - if (sscanf(chan, "%d-%d", &start, &finish) == 2) { + if (sscanf(chan, "%30d-%30d", &start, &finish) == 2) { /* Range */ - } else if (sscanf(chan, "%d", &start)) { + } else if (sscanf(chan, "%30d", &start)) { /* Just one */ finish = start; } else if (!strcasecmp(chan, "pseudo")) { @@ -14932,7 +14932,7 @@ strcpy(confp->chan.echocancel.params[confp->chan.echocancel.head.param_count].name, param.name); if (param.value) { - if (sscanf(param.value, "%d", &confp->chan.echocancel.params[confp->chan.echocancel.head.param_count].value) != 1) { + if (sscanf(param.value, "%30d", &confp->chan.echocancel.params[confp->chan.echocancel.head.param_count].value) != 1) { ast_log(LOG_WARNING, "Invalid echocancel parameter value supplied at line %d: '%s'\n", line, param.value); continue; } @@ -15000,11 +15000,11 @@ } else if (!strcasecmp(v->name, "dring3range")) { confp->chan.drings.ringnum[2].range = atoi(v->value); } else if (!strcasecmp(v->name, "dring1")) { - sscanf(v->value, "%d,%d,%d", &confp->chan.drings.ringnum[0].ring[0], &confp->chan.drings.ringnum[0].ring[1], &confp->chan.drings.ringnum[0].ring[2]); + sscanf(v->value, "%30d,%30d,%30d", &confp->chan.drings.ringnum[0].ring[0], &confp->chan.drings.ringnum[0].ring[1], &confp->chan.drings.ringnum[0].ring[2]); } else if (!strcasecmp(v->name, "dring2")) { - sscanf(v->value,"%d,%d,%d", &confp->chan.drings.ringnum[1].ring[0], &confp->chan.drings.ringnum[1].ring[1], &confp->chan.drings.ringnum[1].ring[2]); + sscanf(v->value, "%30d,%30d,%30d", &confp->chan.drings.ringnum[1].ring[0], &confp->chan.drings.ringnum[1].ring[1], &confp->chan.drings.ringnum[1].ring[2]); } else if (!strcasecmp(v->name, "dring3")) { - sscanf(v->value, "%d,%d,%d", &confp->chan.drings.ringnum[2].ring[0], &confp->chan.drings.ringnum[2].ring[1], &confp->chan.drings.ringnum[2].ring[2]); + sscanf(v->value, "%30d,%30d,%30d", &confp->chan.drings.ringnum[2].ring[0], &confp->chan.drings.ringnum[2].ring[1], &confp->chan.drings.ringnum[2].ring[2]); } else if (!strcasecmp(v->name, "usecallerid")) { confp->chan.use_callerid = ast_true(v->value); } else if (!strcasecmp(v->name, "cidsignalling")) { @@ -15061,7 +15061,7 @@ } else if (!strcasecmp(v->name, "busycount")) { confp->chan.busycount = atoi(v->value); } else if (!strcasecmp(v->name, "busypattern")) { - if (sscanf(v->value, "%d,%d", &confp->chan.busy_tonelength, &confp->chan.busy_quietlength) != 2) { + if (sscanf(v->value, "%30d,%30d", &confp->chan.busy_tonelength, &confp->chan.busy_quietlength) != 2) { ast_log(LOG_ERROR, "busypattern= expects busypattern=tonelength,quietlength at line %d.\n", v->lineno); } } else if (!strcasecmp(v->name, "callprogress")) { @@ -15081,7 +15081,7 @@ } else if (!strcasecmp(v->name, "echocancel")) { process_echocancel(confp, v->value, v->lineno); } else if (!strcasecmp(v->name, "echotraining")) { - if (sscanf(v->value, "%d", &y) == 1) { + if (sscanf(v->value, "%30d", &y) == 1) { if ((y < 10) || (y > 4000)) { ast_log(LOG_WARNING, "Echo training time must be within the range of 10 to 4000 ms at line %d.\n", v->lineno); } else { @@ -15165,19 +15165,19 @@ confp->chan.mwimonitor_fsk = 1; } } else if (!strcasecmp(v->name, "cid_rxgain")) { - if (sscanf(v->value, "%f", &confp->chan.cid_rxgain) != 1) { + if (sscanf(v->value, "%30f", &confp->chan.cid_rxgain) != 1) { ast_log(LOG_WARNING, "Invalid cid_rxgain: %s at line %d.\n", v->value, v->lineno); } } else if (!strcasecmp(v->name, "rxgain")) { - if (sscanf(v->value, "%f", &confp->chan.rxgain) != 1) { + if (sscanf(v->value, "%30f", &confp->chan.rxgain) != 1) { ast_log(LOG_WARNING, "Invalid rxgain: %s at line %d.\n", v->value, v->lineno); } } else if (!strcasecmp(v->name, "txgain")) { - if (sscanf(v->value, "%f", &confp->chan.txgain) != 1) { + if (sscanf(v->value, "%30f", &confp->chan.txgain) != 1) { ast_log(LOG_WARNING, "Invalid txgain: %s at line %d.\n", v->value, v->lineno); } } else if (!strcasecmp(v->name, "tonezone")) { - if (sscanf(v->value, "%d", &confp->chan.tonezone) != 1) { + if (sscanf(v->value, "%30d", &confp->chan.tonezone) != 1) { ast_log(LOG_WARNING, "Invalid tonezone: %s at line %d.\n", v->value, v->lineno); } } else if (!strcasecmp(v->name, "callerid")) { @@ -15743,7 +15743,7 @@ ast_copy_string(original_args, v->value, sizeof(original_args)); /* 16 cadences allowed (8 pairs) */ - element_count = sscanf(v->value, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d", &c[0], &c[1], &c[2], &c[3], &c[4], &c[5], &c[6], &c[7], &c[8], &c[9], &c[10], &c[11], &c[12], &c[13], &c[14], &c[15]); + element_count = sscanf(v->value, "%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d,%30d", &c[0], &c[1], &c[2], &c[3], &c[4], &c[5], &c[6], &c[7], &c[8], &c[9], &c[10], &c[11], &c[12], &c[13], &c[14], &c[15]); /* Cadence must be even (on/off) */ if (element_count % 2 == 1) { Index: channels/chan_sip.c =================================================================== --- channels/chan_sip.c (revision 211538) +++ channels/chan_sip.c (revision 211539) @@ -2924,7 +2924,7 @@ copy_request(&reqcpy, &req); parse_request(&reqcpy); /* In order to know how much to read, we need the content-length header */ - if (sscanf(get_header(&reqcpy, "Content-Length"), "%d", &cl)) { + if (sscanf(get_header(&reqcpy, "Content-Length"), "%30d", &cl)) { while (cl > 0) { ast_mutex_lock(&tcptls_session->lock); if (!fread(buf, (cl < sizeof(buf)) ? cl : sizeof(buf), 1, tcptls_session->f)) { @@ -3754,7 +3754,7 @@ p->packets = pkt; /* Add it to the queue */ if (resp) { /* Parse out the response code */ - if (sscanf(ast_str_buffer(pkt->data), "SIP/2.0 %d", &respid) == 1) { + if (sscanf(ast_str_buffer(pkt->data), "SIP/2.0 %30d", &respid) == 1) { pkt->response_code = respid; } } @@ -3805,10 +3805,10 @@ /* If there are packets still waiting for delivery, delay the destruction */ if (p->packets) { if (!p->needdestroy) { - char method_str[30]; + char method_str[31]; ast_debug(3, "Re-scheduled destruction of SIP call %s\n", p->callid ? p->callid : ""); append_history(p, "ReliableXmit", "timeout"); - if (sscanf(p->lastmsg, "Tx: %s", method_str) == 1 || sscanf(p->lastmsg, "Rx: %s", method_str) == 1) { + if (sscanf(p->lastmsg, "Tx: %30s", method_str) == 1 || sscanf(p->lastmsg, "Rx: %30s", method_str) == 1) { if (method_match(SIP_CANCEL, method_str) || method_match(SIP_BYE, method_str)) { pvt_set_needdestroy(p, "autodestruct"); } @@ -5215,7 +5215,7 @@ /* This address should be updated using dnsmgr */ memcpy(&dialog->sa.sin_addr, &sin->sin_addr, sizeof(dialog->sa.sin_addr)); if (!sin->sin_port) { - if (ast_strlen_zero(port) || sscanf(port, "%u", &portno) != 1) { + if (ast_strlen_zero(port) || sscanf(port, "%30u", &portno) != 1) { portno = (dialog->socket.type & SIP_TRANSPORT_TLS) ? STANDARD_TLS_PORT : STANDARD_SIP_PORT; } @@ -7771,7 +7771,7 @@ content_length = get_header(req, "Content-Length"); if (!ast_strlen_zero(content_length)) { - if (sscanf(content_length, "%ud", &x) != 1) { + if (sscanf(content_length, "%30u", &x) != 1) { ast_log(LOG_WARNING, "Invalid Content-Length: %s\n", content_length); return 0; } @@ -7876,10 +7876,10 @@ } /* We only want the m and c lines for audio */ for (m = get_sdp_iterate(&miterator, req, "m"); !ast_strlen_zero(m); m = get_sdp_iterate(&miterator, req, "m")) { - if ((media == SDP_AUDIO && ((sscanf(m, "audio %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || - (sscanf(m, "audio %d RTP/AVP %n", &x, &len) == 1 && len > 0))) || - (media == SDP_VIDEO && ((sscanf(m, "video %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || - (sscanf(m, "video %d RTP/AVP %n", &x, &len) == 1 && len > 0)))) { + if ((media == SDP_AUDIO && ((sscanf(m, "audio %30d/%30d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || + (sscanf(m, "audio %30d RTP/AVP %n", &x, &len) == 1 && len > 0))) || + (media == SDP_VIDEO && ((sscanf(m, "video %30d/%30d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || + (sscanf(m, "video %30d RTP/AVP %n", &x, &len) == 1 && len > 0)))) { /* See if there's a c= line for this media stream. * XXX There is no guarantee that we'll be grabbing the c= line for this * particular media stream here. However, this is the same logic used in process_sdp. @@ -8016,7 +8016,7 @@ ast_log(LOG_WARNING, "SDP syntax error in o= line\n"); return -1; } - if (!sscanf(token, "%" SCNd64, &rua_version)) { + if (!sscanf(token, "%30" SCNd64, &rua_version)) { ast_log(LOG_WARNING, "SDP syntax error in o= line version\n"); return -1; } @@ -8102,8 +8102,8 @@ numberofports = 1; len = -1; - if ((sscanf(m, "audio %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || - (sscanf(m, "audio %d RTP/AVP %n", &x, &len) == 1 && len > 0)) { + if ((sscanf(m, "audio %30d/%30d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || + (sscanf(m, "audio %30d RTP/AVP %n", &x, &len) == 1 && len > 0)) { audio = TRUE; p->offered_media[SDP_AUDIO].offered = TRUE; numberofmediastreams++; @@ -8113,7 +8113,7 @@ codecs = m + len; ast_copy_string(p->offered_media[SDP_AUDIO].text, codecs, sizeof(p->offered_media[SDP_AUDIO].text)); for (; !ast_strlen_zero(codecs); codecs = ast_skip_blanks(codecs + len)) { - if (sscanf(codecs, "%d%n", &codec, &len) != 1) { + if (sscanf(codecs, "%30d%n", &codec, &len) != 1) { ast_log(LOG_WARNING, "Error in codec string '%s'\n", codecs); return -1; } @@ -8122,8 +8122,8 @@ ast_rtp_codecs_payloads_set_m_type(&newaudiortp, NULL, codec); } - } else if ((sscanf(m, "video %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || - (sscanf(m, "video %d RTP/AVP %n", &x, &len) == 1 && len >= 0)) { + } else if ((sscanf(m, "video %30d/%30d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || + (sscanf(m, "video %30d RTP/AVP %n", &x, &len) == 1 && len >= 0)) { video = TRUE; p->novideo = FALSE; p->offered_media[SDP_VIDEO].offered = TRUE; @@ -8133,7 +8133,7 @@ codecs = m + len; ast_copy_string(p->offered_media[SDP_VIDEO].text, codecs, sizeof(p->offered_media[SDP_VIDEO].text)); for (; !ast_strlen_zero(codecs); codecs = ast_skip_blanks(codecs + len)) { - if (sscanf(codecs, "%d%n", &codec, &len) != 1) { + if (sscanf(codecs, "%30d%n", &codec, &len) != 1) { ast_log(LOG_WARNING, "Error in codec string '%s'\n", codecs); return -1; } @@ -8141,8 +8141,8 @@ ast_verbose("Found RTP video format %d\n", codec); ast_rtp_codecs_payloads_set_m_type(&newvideortp, NULL, codec); } - } else if ((sscanf(m, "text %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || - (sscanf(m, "text %d RTP/AVP %n", &x, &len) == 1 && len > 0)) { + } else if ((sscanf(m, "text %30d/%30d RTP/AVP %n", &x, &numberofports, &len) == 2 && len > 0) || + (sscanf(m, "text %30d RTP/AVP %n", &x, &len) == 1 && len > 0)) { text = TRUE; p->offered_media[SDP_TEXT].offered = TRUE; p->notext = FALSE; @@ -8152,7 +8152,7 @@ codecs = m + len; ast_copy_string(p->offered_media[SDP_TEXT].text, codecs, sizeof(p->offered_media[SDP_TEXT].text)); for (; !ast_strlen_zero(codecs); codecs = ast_skip_blanks(codecs + len)) { - if (sscanf(codecs, "%d%n", &codec, &len) != 1) { + if (sscanf(codecs, "%30d%n", &codec, &len) != 1) { ast_log(LOG_WARNING, "Error in codec string '%s'\n", codecs); return -1; } @@ -8160,8 +8160,8 @@ ast_verbose("Found RTP text format %d\n", codec); ast_rtp_codecs_payloads_set_m_type(&newtextrtp, NULL, codec); } - } else if (p->udptl && ( (sscanf(m, "image %d udptl t38%n", &x, &len) == 1 && len > 0) || - (sscanf(m, "image %d UDPTL t38%n", &x, &len) == 1 && len > 0) )) { + } else if (p->udptl && ( (sscanf(m, "image %30d udptl t38%n", &x, &len) == 1 && len > 0) || + (sscanf(m, "image %30d UDPTL t38%n", &x, &len) == 1 && len > 0) )) { if (debug) ast_verbose("Got T.38 offer in SDP in dialog %s\n", p->callid); p->offered_media[SDP_IMAGE].offered = TRUE; @@ -8358,17 +8358,17 @@ red_cp = &red_fmtp[strlen(red_fmtp)]; strncpy(red_fmtp, a, 100); - sscanf(red_cp, "%u", &red_data_pt[red_num_gen]); + sscanf(red_cp, "%30u", &red_data_pt[red_num_gen]); red_cp = strtok(red_cp, "/"); while (red_cp && red_num_gen++ < AST_RED_MAX_GENERATION) { - sscanf(red_cp, "%u", &red_data_pt[red_num_gen]); + sscanf(red_cp, "%30u", &red_data_pt[red_num_gen]); red_cp = strtok(NULL, "/"); } red_cp = red_fmtp; continue; } - if (sscanf(a, "fmtp: %u %63s", &codec, fmtp_string) == 2) { + if (sscanf(a, "fmtp: %30u %63s", &codec, fmtp_string) == 2) { struct ast_rtp_payload_type payload; unsigned int handled = 0; @@ -8382,7 +8382,7 @@ switch (payload.code) { case AST_FORMAT_SIREN7: - if (sscanf(fmtp_string, "bitrate=%u", &bit_rate) == 1) { + if (sscanf(fmtp_string, "bitrate=%30u", &bit_rate) == 1) { if (bit_rate != 32000) { ast_log(LOG_WARNING, "Got Siren7 offer at %d bps, but only 32000 bps supported; ignoring.\n", bit_rate); ast_rtp_codecs_payloads_unset(&newaudiortp, NULL, codec); @@ -8392,7 +8392,7 @@ } break; case AST_FORMAT_SIREN14: - if (sscanf(fmtp_string, "bitrate=%u", &bit_rate) == 1) { + if (sscanf(fmtp_string, "bitrate=%30u", &bit_rate) == 1) { if (bit_rate != 48000) { ast_log(LOG_WARNING, "Got Siren14 offer at %d bps, but only 48000 bps supported; ignoring.\n", bit_rate); ast_rtp_codecs_payloads_unset(&newaudiortp, NULL, codec); @@ -8410,7 +8410,7 @@ continue; } - if (sscanf(a, "rtpmap: %u %127[^/]/%u", &codec, mimeSubtype, &sample_rate) == 3) { + if (sscanf(a, "rtpmap: %30u %127[^/]/%30u", &codec, mimeSubtype, &sample_rate) == 3) { /* We have a rtpmap to handle */ if (last_rtpmap_codec < SDP_MAX_RTPMAP_CODECS) { @@ -8472,10 +8472,10 @@ /* Scan trough the a= lines for T38 attributes and set apropriate fileds */ iterator = req->sdp_start; while ((a = get_sdp_iterate(&iterator, req, "a"))[0] != '\0') { - if ((sscanf(a, "T38FaxMaxBuffer:%d", &x) == 1)) { + if ((sscanf(a, "T38FaxMaxBuffer:%30d", &x) == 1)) { found = 1; ast_debug(3, "MaxBufferSize:%d\n", x); - } else if ((sscanf(a, "T38MaxBitRate:%d", &x) == 1) || (sscanf(a, "T38FaxMaxRate:%d", &x) == 1)) { + } else if ((sscanf(a, "T38MaxBitRate:%30d", &x) == 1) || (sscanf(a, "T38FaxMaxRate:%30d", &x) == 1)) { found = 1; ast_debug(3, "T38MaxBitRate: %d\n", x); switch (x) { @@ -8498,17 +8498,17 @@ p->t38.their_parms.rate = AST_T38_RATE_2400; break; } - } else if ((sscanf(a, "T38FaxVersion:%d", &x) == 1)) { + } else if ((sscanf(a, "T38FaxVersion:%30d", &x) == 1)) { found = 1; ast_debug(3, "FaxVersion: %d\n", x); p->t38.their_parms.version = x; - } else if ((sscanf(a, "T38FaxMaxDatagram:%d", &x) == 1) || (sscanf(a, "T38MaxDatagram:%d", &x) == 1)) { + } else if ((sscanf(a, "T38FaxMaxDatagram:%30d", &x) == 1) || (sscanf(a, "T38MaxDatagram:%30d", &x) == 1)) { found = 1; ast_debug(3, "FaxMaxDatagram: %d\n", x); ast_udptl_set_far_max_datagram(p->udptl, x); } else if ((strncmp(a, "T38FaxFillBitRemoval", 20) == 0)) { found = 1; - if (sscanf(a, "T38FaxFillBitRemoval:%d", &x) == 1) { + if (sscanf(a, "T38FaxFillBitRemoval:%30d", &x) == 1) { ast_debug(3, "FillBitRemoval: %d\n", x); if (x == 1) { p->t38.their_parms.fill_bit_removal = TRUE; @@ -8519,7 +8519,7 @@ } } else if ((strncmp(a, "T38FaxTranscodingMMR", 20) == 0)) { found = 1; - if (sscanf(a, "T38FaxTranscodingMMR:%d", &x) == 1) { + if (sscanf(a, "T38FaxTranscodingMMR:%30d", &x) == 1) { ast_debug(3, "Transcoding MMR: %d\n", x); if (x == 1) { p->t38.their_parms.transcoding_mmr = TRUE; @@ -8530,7 +8530,7 @@ } } else if ((strncmp(a, "T38FaxTranscodingJBIG", 21) == 0)) { found = 1; - if (sscanf(a, "T38FaxTranscodingJBIG:%d", &x) == 1) { + if (sscanf(a, "T38FaxTranscodingJBIG:%30d", &x) == 1) { ast_debug(3, "Transcoding JBIG: %d\n", x); if (x == 1) { p->t38.their_parms.transcoding_jbig = TRUE; @@ -9297,7 +9297,7 @@ struct sip_request resp; int seqno = 0; - if (reliable && (sscanf(get_header(req, "CSeq"), "%d ", &seqno) != 1)) { + if (reliable && (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1)) { ast_log(LOG_WARNING, "Unable to determine sequence number from '%s'\n", get_header(req, "CSeq")); return -1; } @@ -9473,7 +9473,7 @@ char tmp[512]; int seqno = 0; - if (reliable && (sscanf(get_header(req, "CSeq"), "%d ", &seqno) != 1)) { + if (reliable && (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1)) { ast_log(LOG_WARNING, "Unable to determine sequence number from '%s'\n", get_header(req, "CSeq")); return -1; } @@ -10185,7 +10185,7 @@ struct sip_request resp; int seqno; - if (sscanf(get_header(req, "CSeq"), "%d ", &seqno) != 1) { + if (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1) { ast_log(LOG_WARNING, "Unable to get seqno from '%s'\n", get_header(req, "CSeq")); return -1; } @@ -10230,7 +10230,7 @@ { struct sip_request resp; int seqno; - if (sscanf(get_header(req, "CSeq"), "%d ", &seqno) != 1) { + if (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1) { ast_log(LOG_WARNING, "Unable to get seqno from '%s'\n", get_header(req, "CSeq")); return -1; } @@ -12103,7 +12103,7 @@ char *s = strcasestr(contact, ";expires="); if (s) { expires = strsep(&s, ";"); /* trim ; and beyond */ - if (sscanf(expires + 9, "%d", &expire) != 1) + if (sscanf(expires + 9, "%30d", &expire) != 1) expire = default_expiry; } else { /* Nothing has been specified */ @@ -17149,7 +17149,7 @@ if (!args.number) { number = 1; } else { - sscanf(args.number, "%d", &number); + sscanf(args.number, "%30d", &number); if (number < 1) number = 1; } @@ -18331,7 +18331,7 @@ } tmptmp = strcasestr(contact, "expires="); if (tmptmp) { - if (sscanf(tmptmp + 8, "%d;", &expires) != 1) + if (sscanf(tmptmp + 8, "%30d;", &expires) != 1) expires = 0; } @@ -21832,7 +21832,7 @@ ast_log(LOG_ERROR, "Missing Cseq. Dropping this SIP message, it's incomplete.\n"); error = 1; } - if (!error && sscanf(cseq, "%d%n", &seqno, &len) != 1) { + if (!error && sscanf(cseq, "%30d%n", &seqno, &len) != 1) { ast_log(LOG_ERROR, "No seqno in '%s'. Dropping incomplete message.\n", cmd); error = 1; } @@ -21863,7 +21863,7 @@ if (ast_strlen_zero(e)) { return 0; } - if (sscanf(e, "%d %n", &respid, &len) != 1) { + if (sscanf(e, "%30d %n", &respid, &len) != 1) { ast_log(LOG_WARNING, "Invalid response: '%s'\n", e); return 0; } @@ -22427,7 +22427,7 @@ if ((port = strrchr(line, ':'))) { *port++ = '\0'; - if (!sscanf(port, "%u", portnum)) { + if (!sscanf(port, "%5u", portnum)) { ast_log(LOG_NOTICE, "'%s' is not a valid port number on line %d of sip.conf. using default.\n", port, lineno); port = NULL; } @@ -22831,7 +22831,7 @@ *p_interval = 0; p_hdrval = ast_skip_blanks(p_hdrval); - if (!sscanf(p_hdrval, "%d", p_interval)) { + if (!sscanf(p_hdrval, "%30d", p_interval)) { ast_log(LOG_WARNING, "Parsing of Min-SE header failed %s\n", p_hdrval); return -1; } @@ -22861,7 +22861,7 @@ while ((p_token = strsep(&p_se_hdr, ";"))) { p_token = ast_skip_blanks(p_token); - if (!sscanf(p_token, "%d", p_interval)) { + if (!sscanf(p_token, "%30d", p_interval)) { ast_log(LOG_WARNING, "Parsing of Session-Expires failed\n"); return -1; } @@ -23957,7 +23957,7 @@ } else if (realtime && !strcasecmp(v->name, "regseconds")) { ast_get_time_t(v->value, ®seconds, 0, NULL); } else if (realtime && !strcasecmp(v->name, "lastms")) { - sscanf(v->value, "%d", &peer->lastms); + sscanf(v->value, "%30d", &peer->lastms); } else if (realtime && !strcasecmp(v->name, "ipaddr") && !ast_strlen_zero(v->value) ) { inet_aton(v->value, &(peer->addr.sin_addr)); } else if (realtime && !strcasecmp(v->name, "name")) @@ -24160,22 +24160,22 @@ } else if (!strcasecmp(v->name, "autoframing")) { peer->autoframing = ast_true(v->value); } else if (!strcasecmp(v->name, "rtptimeout")) { - if ((sscanf(v->value, "%d", &peer->rtptimeout) != 1) || (peer->rtptimeout < 0)) { + if ((sscanf(v->value, "%30d", &peer->rtptimeout) != 1) || (peer->rtptimeout < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid RTP hold time at line %d. Using default.\n", v->value, v->lineno); peer->rtptimeout = global_rtptimeout; } } else if (!strcasecmp(v->name, "rtpholdtimeout")) { - if ((sscanf(v->value, "%d", &peer->rtpholdtimeout) != 1) || (peer->rtpholdtimeout < 0)) { + if ((sscanf(v->value, "%30d", &peer->rtpholdtimeout) != 1) || (peer->rtpholdtimeout < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid RTP hold time at line %d. Using default.\n", v->value, v->lineno); peer->rtpholdtimeout = global_rtpholdtimeout; } } else if (!strcasecmp(v->name, "rtpkeepalive")) { - if ((sscanf(v->value, "%d", &peer->rtpkeepalive) != 1) || (peer->rtpkeepalive < 0)) { + if ((sscanf(v->value, "%30d", &peer->rtpkeepalive) != 1) || (peer->rtpkeepalive < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid RTP keepalive time at line %d. Using default.\n", v->value, v->lineno); peer->rtpkeepalive = global_rtpkeepalive; } } else if (!strcasecmp(v->name, "timert1")) { - if ((sscanf(v->value, "%d", &peer->timer_t1) != 1) || (peer->timer_t1 < 0)) { + if ((sscanf(v->value, "%30d", &peer->timer_t1) != 1) || (peer->timer_t1 < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid T1 time at line %d. Using default.\n", v->value, v->lineno); peer->timer_t1 = global_t1; } @@ -24185,7 +24185,7 @@ peer->timer_b = peer->timer_t1 * 64; } } else if (!strcasecmp(v->name, "timerb")) { - if ((sscanf(v->value, "%d", &peer->timer_b) != 1) || (peer->timer_b < 0)) { + if ((sscanf(v->value, "%30d", &peer->timer_b) != 1) || (peer->timer_b < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid Timer B time at line %d. Using default.\n", v->value, v->lineno); peer->timer_b = global_timer_b; } @@ -24206,7 +24206,7 @@ peer->maxms = 0; } else if (!strcasecmp(v->value, "yes")) { peer->maxms = default_qualify ? default_qualify : DEFAULT_MAXMS; - } else if (sscanf(v->value, "%d", &peer->maxms) != 1) { + } else if (sscanf(v->value, "%30d", &peer->maxms) != 1) { ast_log(LOG_WARNING, "Qualification of peer '%s' should be 'yes', 'no', or a number of milliseconds at line %d of sip.conf\n", peer->name, v->lineno); peer->maxms = 0; } @@ -24220,7 +24220,7 @@ } } else if (!strcasecmp(v->name, "qualifyfreq")) { int i; - if (sscanf(v->value, "%d", &i) == 1) + if (sscanf(v->value, "%30d", &i) == 1) peer->qualifyfreq = i * 1000; else { ast_log(LOG_WARNING, "Invalid qualifyfreq number '%s' at line %d of %s\n", v->value, v->lineno, config); @@ -24239,12 +24239,12 @@ peer->stimer.st_mode_oper = i; } } else if (!strcasecmp(v->name, "session-expires")) { - if (sscanf(v->value, "%d", &peer->stimer.st_max_se) != 1) { + if (sscanf(v->value, "%30d", &peer->stimer.st_max_se) != 1) { ast_log(LOG_WARNING, "Invalid session-expires '%s' at line %d of %s\n", v->value, v->lineno, config); peer->stimer.st_max_se = global_max_se; } } else if (!strcasecmp(v->name, "session-minse")) { - if (sscanf(v->value, "%d", &peer->stimer.st_min_se) != 1) { + if (sscanf(v->value, "%30d", &peer->stimer.st_min_se) != 1) { ast_log(LOG_WARNING, "Invalid session-minse '%s' at line %d of %s\n", v->value, v->lineno, config); peer->stimer.st_min_se = global_min_se; } @@ -24728,17 +24728,17 @@ } else if (!strcasecmp(v->name, "vmexten")) { ast_copy_string(default_vmexten, v->value, sizeof(default_vmexten)); } else if (!strcasecmp(v->name, "rtptimeout")) { - if ((sscanf(v->value, "%d", &global_rtptimeout) != 1) || (global_rtptimeout < 0)) { + if ((sscanf(v->value, "%30d", &global_rtptimeout) != 1) || (global_rtptimeout < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid RTP hold time at line %d. Using default.\n", v->value, v->lineno); global_rtptimeout = 0; } } else if (!strcasecmp(v->name, "rtpholdtimeout")) { - if ((sscanf(v->value, "%d", &global_rtpholdtimeout) != 1) || (global_rtpholdtimeout < 0)) { + if ((sscanf(v->value, "%30d", &global_rtpholdtimeout) != 1) || (global_rtpholdtimeout < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid RTP hold time at line %d. Using default.\n", v->value, v->lineno); global_rtpholdtimeout = 0; } } else if (!strcasecmp(v->name, "rtpkeepalive")) { - if ((sscanf(v->value, "%d", &global_rtpkeepalive) != 1) || (global_rtpkeepalive < 0)) { + if ((sscanf(v->value, "%30d", &global_rtpkeepalive) != 1) || (global_rtpkeepalive < 0)) { ast_log(LOG_WARNING, "'%s' is not a valid RTP keepalive time at line %d. Using default.\n", v->value, v->lineno); global_rtpkeepalive = DEFAULT_RTPKEEPALIVE; } @@ -24886,7 +24886,7 @@ if (!externip.sin_port) externip.sin_port = bindaddr.sin_port; } else if (!strcasecmp(v->name, "externrefresh")) { - if (sscanf(v->value, "%d", &externrefresh) != 1) { + if (sscanf(v->value, "%30d", &externrefresh) != 1) { ast_log(LOG_WARNING, "Invalid externrefresh value '%s', must be an integer >0 at line %d\n", v->value, v->lineno); externrefresh = 10; } @@ -24950,28 +24950,28 @@ ast_log(LOG_WARNING, "Invalid cos_text value at line %d, refer to QoS documentation\n", v->lineno); } else if (!strcasecmp(v->name, "bindport")) { int i; - if (sscanf(v->value, "%d", &i) == 1) { + if (sscanf(v->value, "%5d", &i) == 1) { bindaddr.sin_port = htons(i); } else { ast_log(LOG_WARNING, "Invalid port number '%s' at line %d of %s\n", v->value, v->lineno, config); } } else if (!strcasecmp(v->name, "hash_user")) { int i; - if (sscanf(v->value, "%d", &i) == 1 && i > 2) { + if (sscanf(v->value, "%30d", &i) == 1 && i > 2) { hash_user_size = i; } else { ast_log(LOG_WARNING, "Invalid hash_user size '%s' at line %d of %s -- should be much larger than 2\n", v->value, v->lineno, config); } } else if (!strcasecmp(v->name, "hash_peer")) { int i; - if (sscanf(v->value, "%d", &i) == 1 && i > 2) { + if (sscanf(v->value, "%30d", &i) == 1 && i > 2) { hash_peer_size = i; } else { ast_log(LOG_WARNING, "Invalid hash_peer size '%s' at line %d of %s -- should be much larger than 2\n", v->value, v->lineno, config); } } else if (!strcasecmp(v->name, "hash_dialog")) { int i; - if (sscanf(v->value, "%d", &i) == 1 && i > 2) { + if (sscanf(v->value, "%30d", &i) == 1 && i > 2) { hash_dialog_size = i; } else { ast_log(LOG_WARNING, "Invalid hash_dialog size '%s' at line %d of %s -- should be much larger than 2\n", v->value, v->lineno, config); @@ -24981,13 +24981,13 @@ default_qualify = 0; } else if (!strcasecmp(v->value, "yes")) { default_qualify = DEFAULT_MAXMS; - } else if (sscanf(v->value, "%d", &default_qualify) != 1) { + } else if (sscanf(v->value, "%30d", &default_qualify) != 1) { ast_log(LOG_WARNING, "Qualification default should be 'yes', 'no', or a number of milliseconds at line %d of sip.conf\n", v->lineno); default_qualify = 0; } } else if (!strcasecmp(v->name, "qualifyfreq")) { int i; - if (sscanf(v->value, "%d", &i) == 1) + if (sscanf(v->value, "%30d", &i) == 1) global_qualifyfreq = i * 1000; else { ast_log(LOG_WARNING, "Invalid qualifyfreq number '%s' at line %d of %s\n", v->value, v->lineno, config); @@ -25012,12 +25012,12 @@ global_st_mode = i; } } else if (!strcasecmp(v->name, "session-expires")) { - if (sscanf(v->value, "%d", &global_max_se) != 1) { + if (sscanf(v->value, "%30d", &global_max_se) != 1) { ast_log(LOG_WARNING, "Invalid session-expires '%s' at line %d of %s\n", v->value, v->lineno, config); global_max_se = DEFAULT_MAX_SE; } } else if (!strcasecmp(v->name, "session-minse")) { - if (sscanf(v->value, "%d", &global_min_se) != 1) { + if (sscanf(v->value, "%30d", &global_min_se) != 1) { ast_log(LOG_WARNING, "Invalid session-minse '%s' at line %d of %s\n", v->value, v->lineno, config); global_min_se = DEFAULT_MIN_SE; } @@ -25034,12 +25034,12 @@ global_st_refresher = i; } } else if (!strcasecmp(v->name, "qualifygap")) { - if (sscanf(v->value, "%d", &global_qualify_gap) != 1) { + if (sscanf(v->value, "%30d", &global_qualify_gap) != 1) { ast_log(LOG_WARNING, "Invalid qualifygap '%s' at line %d of %s\n", v->value, v->lineno, config); global_qualify_gap = DEFAULT_QUALIFY_GAP; } } else if (!strcasecmp(v->name, "qualifypeers")) { - if (sscanf(v->value, "%d", &global_qualify_peers) != 1) { + if (sscanf(v->value, "%30d", &global_qualify_peers) != 1) { ast_log(LOG_WARNING, "Invalid pokepeers '%s' at line %d of %s\n", v->value, v->lineno, config); global_qualify_peers = DEFAULT_QUALIFY_PEERS; } @@ -25663,7 +25663,7 @@ memset(lport, 0, sizeof(lport)); localtmp++; /* This is okey because lhost and lport are as big as tmp */ - sscanf(localtmp, "%[^<>:; ]:%[^<>:; ]", lhost, lport); + sscanf(localtmp, "%80[^<>:; ]:%80[^<>:; ]", lhost, lport); if (ast_strlen_zero(lhost)) { ast_log(LOG_ERROR, "Can't find the host address\n"); return 0; Index: channels/chan_agent.c =================================================================== --- channels/chan_agent.c (revision 211538) +++ channels/chan_agent.c (revision 211539) @@ -1346,9 +1346,9 @@ struct timeval now; s = data; - if ((s[0] == '@') && (sscanf(s + 1, "%d", &groupoff) == 1)) { + if ((s[0] == '@') && (sscanf(s + 1, "%30d", &groupoff) == 1)) { groupmatch = (1 << groupoff); - } else if ((s[0] == ':') && (sscanf(s + 1, "%d", &groupoff) == 1)) { + } else if ((s[0] == ':') && (sscanf(s + 1, "%30d", &groupoff) == 1)) { groupmatch = (1 << groupoff); waitforagent = 1; } else @@ -2174,9 +2174,9 @@ int res = AST_DEVICE_INVALID; s = data; - if ((s[0] == '@') && (sscanf(s + 1, "%d", &groupoff) == 1)) + if ((s[0] == '@') && (sscanf(s + 1, "%30d", &groupoff) == 1)) groupmatch = (1 << groupoff); - else if ((s[0] == ':') && (sscanf(s + 1, "%d", &groupoff) == 1)) { + else if ((s[0] == ':') && (sscanf(s + 1, "%30d", &groupoff) == 1)) { groupmatch = (1 << groupoff); } else groupmatch = 0; Index: channels/iax2-provision.c =================================================================== --- channels/iax2-provision.c (revision 211538) +++ channels/iax2-provision.c (revision 211539) @@ -261,7 +261,7 @@ ast_mutex_lock(&provlock); ast_db_get("iax/provisioning/cache", template, tmp, sizeof(tmp)); - if (sscanf(tmp, "v%x", version) != 1) { + if (sscanf(tmp, "v%30x", version) != 1) { if (strcmp(tmp, "u")) { ret = iax_provision_build(&ied, version, template, force); if (ret) @@ -319,7 +319,7 @@ v = ast_variable_browse(cfg, s); while(v) { if (!strcasecmp(v->name, "port") || !strcasecmp(v->name, "serverport")) { - if ((sscanf(v->value, "%d", &x) == 1) && (x > 0) && (x < 65535)) { + if ((sscanf(v->value, "%5d", &x) == 1) && (x > 0) && (x < 65535)) { if (!strcasecmp(v->name, "port")) { cur->port = x; foundportno = 1; Index: channels/chan_iax2.c =================================================================== --- channels/chan_iax2.c (revision 211538) +++ channels/chan_iax2.c (revision 211539) @@ -11072,18 +11072,18 @@ peer->maxms = 0; } else if (!strcasecmp(v->value, "yes")) { peer->maxms = DEFAULT_MAXMS; - } else if (sscanf(v->value, "%d", &peer->maxms) != 1) { + } else if (sscanf(v->value, "%30d", &peer->maxms) != 1) { ast_log(LOG_WARNING, "Qualification of peer '%s' should be 'yes', 'no', or a number of milliseconds at line %d of iax.conf\n", peer->name, v->lineno); peer->maxms = 0; } } else if (!strcasecmp(v->name, "qualifysmoothing")) { peer->smoothing = ast_true(v->value); } else if (!strcasecmp(v->name, "qualifyfreqok")) { - if (sscanf(v->value, "%d", &peer->pokefreqok) != 1) { + if (sscanf(v->value, "%30d", &peer->pokefreqok) != 1) { ast_log(LOG_WARNING, "Qualification testing frequency of peer '%s' when OK should a number of milliseconds at line %d of iax.conf\n", peer->name, v->lineno); } } else if (!strcasecmp(v->name, "qualifyfreqnotok")) { - if (sscanf(v->value, "%d", &peer->pokefreqnotok) != 1) { + if (sscanf(v->value, "%30d", &peer->pokefreqnotok) != 1) { ast_log(LOG_WARNING, "Qualification testing frequency of peer '%s' when NOT OK should be a number of milliseconds at line %d of iax.conf\n", peer->name, v->lineno); } else ast_log(LOG_WARNING, "Set peer->pokefreqnotok to %d\n", peer->pokefreqnotok); } else if (!strcasecmp(v->name, "timezone")) { @@ -11720,7 +11720,7 @@ if (trunkmaxsize == 0) trunkmaxsize = MAX_TRUNKDATA; } else if (!strcasecmp(v->name, "autokill")) { - if (sscanf(v->value, "%d", &x) == 1) { + if (sscanf(v->value, "%30d", &x) == 1) { if (x >= 0) autokill = x; else Index: channels/chan_oss.c =================================================================== --- channels/chan_oss.c (revision 211538) +++ channels/chan_oss.c (revision 211539) @@ -1235,7 +1235,7 @@ static void store_boost(struct chan_oss_pvt *o, const char *s) { double boost = 0; - if (sscanf(s, "%lf", &boost) != 1) { + if (sscanf(s, "%30lf", &boost) != 1) { ast_log(LOG_WARNING, "invalid boost <%s>\n", s); return; } Index: channels/chan_misdn.c =================================================================== --- channels/chan_misdn.c (revision 211538) +++ channels/chan_misdn.c (revision 211539) @@ -3979,7 +3979,7 @@ ok = 1; } return ok ? CLI_SUCCESS : CLI_SHOWUSAGE; - } else if (!sscanf(a->argv[3], "%d", &onlyport) || onlyport < 0) { + } else if (!sscanf(a->argv[3], "%5d", &onlyport) || onlyport < 0) { ast_cli(a->fd, "Unknown option: %s\n", a->argv[3]); return CLI_SHOWUSAGE; } Index: channels/chan_skinny.c =================================================================== --- channels/chan_skinny.c (revision 211538) +++ channels/chan_skinny.c (revision 211539) @@ -6689,7 +6689,7 @@ ast_log(LOG_WARNING, "Invalid cos_video value at line %d, refer to QoS documentation\n", v->lineno); continue; } else if (!strcasecmp(v->name, "bindport")) { - if (sscanf(v->value, "%d", &ourport) == 1) { + if (sscanf(v->value, "%5d", &ourport) == 1) { bindaddr.sin_port = htons(ourport); } else { ast_log(LOG_WARNING, "Invalid bindport '%s' at line %d of %s\n", v->value, v->lineno, config); @@ -7166,7 +7166,7 @@ /* load the general section */ cat = ast_category_browse(cfg, "general"); config_parse_variables(TYPE_GENERAL, NULL, ast_variable_browse(cfg, "general")); - + if (ntohl(bindaddr.sin_addr.s_addr)) { __ourip = bindaddr.sin_addr; } else { Index: channels/xpmr/xpmr.c =================================================================== --- channels/xpmr/xpmr.c (revision 211538) +++ channels/xpmr/xpmr.c (revision 211539) @@ -279,11 +279,11 @@ if(!xpmrx(pChan,XXO_LSDCODEPARSE_1)) #endif { - sscanf(p,"%f",&_f); + sscanf(p, "%30f", &_f); ri=CtcssFreqIndex(_f); if(ri>maxctcssindex)maxctcssindex=ri; - sscanf(pChan->pTxCode[i],"%f",&_f); + sscanf(pChan->pTxCode[i], "%30f", &_f); _ti=CtcssFreqIndex(_f); if(_f>maxctcsstxfreq)maxctcsstxfreq=_f; @@ -350,7 +350,7 @@ if(!lsd_code_parse(pChan,3)) #endif { - sscanf(p,"%f",&f); + sscanf(p, "%30f", &f); ti=CtcssFreqIndex(f); if(f>maxctcsstxfreq)maxctcsstxfreq=f; Index: channels/chan_mgcp.c =================================================================== --- channels/chan_mgcp.c (revision 211538) +++ channels/chan_mgcp.c (revision 211539) @@ -1866,7 +1866,7 @@ ast_log(LOG_WARNING, "Unable to lookup host in c= line, '%s'\n", c); return -1; } - if (sscanf(m, "audio %d RTP/AVP %n", &portno, &len) != 1) { + if (sscanf(m, "audio %30d RTP/AVP %n", &portno, &len) != 1) { ast_log(LOG_WARNING, "Unable to determine port number for RTP in '%s'\n", m); return -1; } @@ -1881,7 +1881,7 @@ ast_rtp_codecs_payloads_clear(ast_rtp_instance_get_codecs(sub->rtp), sub->rtp); codecs = ast_strdupa(m + len); while (!ast_strlen_zero(codecs)) { - if (sscanf(codecs, "%d%n", &codec, &len) != 1) { + if (sscanf(codecs, "%30d%n", &codec, &len) != 1) { if (codec_count) break; ast_log(LOG_WARNING, "Error in codec string '%s' at '%s'\n", m, codecs); @@ -1897,7 +1897,7 @@ sdpLineNum_iterator_init(&iterator); while ((a = get_sdp_iterate(&iterator, req, "a"))[0] != '\0') { char* mimeSubtype = ast_strdupa(a); /* ensures we have enough space */ - if (sscanf(a, "rtpmap: %u %[^/]/", &codec, mimeSubtype) != 2) + if (sscanf(a, "rtpmap: %30u %127[^/]/", &codec, mimeSubtype) != 2) continue; /* Note: should really look at the 'freq' and '#chans' params too */ ast_rtp_codecs_payloads_set_rtpmap_type(ast_rtp_instance_get_codecs(sub->rtp), sub->rtp, codec, "audio", mimeSubtype, 0); @@ -2030,7 +2030,7 @@ mgr = ast_calloc(1, sizeof(*mgr) + resp.len + 1); if (mgr) { /* Store MGCP response in case we have to retransmit */ - sscanf(req->identifier, "%d", &mgr->seqno); + sscanf(req->identifier, "%30d", &mgr->seqno); time(&mgr->whensent); mgr->len = resp.len; memcpy(mgr->buf, resp.data, resp.len); @@ -3259,7 +3259,7 @@ time_t now; struct mgcp_response *prev = NULL, *cur, *next, *answer=NULL; time(&now); - if (sscanf(req->identifier, "%d", &seqno) != 1) + if (sscanf(req->identifier, "%30d", &seqno) != 1) seqno = 0; cur = sub->parent->parent->responses; while(cur) { @@ -3317,7 +3317,7 @@ return 1; } - if (sscanf(req.verb, "%d", &result) && sscanf(req.identifier, "%d", &ident)) { + if (sscanf(req.verb, "%30d", &result) && sscanf(req.identifier, "%30d", &ident)) { /* Try to find who this message is for, if it's important */ sub = find_subchannel_and_lock(NULL, ident, &sin); if (sub) { @@ -4142,7 +4142,7 @@ if (ast_str2cos(v->value, &qos.cos_audio)) ast_log(LOG_WARNING, "Invalid cos_audio value at line %d, refer to QoS documentation\n", v->lineno); } else if (!strcasecmp(v->name, "port")) { - if (sscanf(v->value, "%d", &ourport) == 1) { + if (sscanf(v->value, "%5d", &ourport) == 1) { bindaddr.sin_port = htons(ourport); } else { ast_log(LOG_WARNING, "Invalid port number '%s' at line %d of %s\n", v->value, v->lineno, config); Index: channels/sig_pri.c =================================================================== --- channels/sig_pri.c (revision 211538) +++ channels/sig_pri.c (revision 211539) @@ -516,7 +516,7 @@ /* if so, try next channel */ if (!ast_db_get(db_chan_name, SRVST_DBKEY, db_answer, sizeof(db_answer))) { - sscanf(db_answer, "%c:%d", &state, &why); + sscanf(db_answer, "%1c:%30d", &state, &why); if (why) { ast_log(LOG_NOTICE, "span '%d' channel '%d' out-of-service (reason: %s), not sending RESTART\n", pri->span, pri->pvts[pri->resetpos]->channel, (why & SRVST_FAREND) ? (why & SRVST_NEAREND) ? "both ends" : "far end" : "near end"); @@ -1014,7 +1014,7 @@ ast_mutex_unlock(&pri->pvts[chanpos]->service_lock); if (!ast_db_get(db_chan_name, SRVST_DBKEY, db_answer, sizeof(db_answer))) { - sscanf(db_answer, "%c:%d", &state, &why); + sscanf(db_answer, "%1c:%30d", &state, &why); if (why) { ast_log(LOG_NOTICE, "span '%d' channel '%d' out-of-service (reason: %s), ignoring RESTART\n", pri->span, e->restart.channel, (why & SRVST_FAREND) ? (why & SRVST_NEAREND) ? "both ends" : "far end" : "near end"); @@ -1126,7 +1126,7 @@ snprintf(db_chan_name, sizeof(db_chan_name), "%s/%d:%d", dahdi_db, pri->pvts[chanpos]->pri->span, ch); if (!ast_db_get(db_chan_name, SRVST_DBKEY, db_answer, sizeof(db_answer))) { - sscanf(db_answer, "%c:%d", &state, &why); + sscanf(db_answer, "%1c:%30d", &state, &why); ast_db_del(db_chan_name, SRVST_DBKEY); } switch (e->service.changestatus) { @@ -2369,7 +2369,7 @@ snprintf(db_chan_name, sizeof(db_chan_name), "%s/%d:%d", dahdi_db, p->pri->span, p->channel); if (!ast_db_get(db_chan_name, SRVST_DBKEY, db_answer, sizeof(db_answer))) { - sscanf(db_answer, "%c:%d", &state, &why); + sscanf(db_answer, "%1c:%30d", &state, &why); } if ((p->resetting || p->call) || (why)) { if (why) { Index: agi/eagi-test.c =================================================================== --- agi/eagi-test.c (revision 211538) +++ agi/eagi-test.c (revision 211539) @@ -156,7 +156,7 @@ } tmp = getenv("agi_enhanced"); if (tmp) { - if (sscanf(tmp, "%d.%d", &ver, &subver) != 2) + if (sscanf(tmp, "%30d.%30d", &ver, &subver) != 2) ver = 0; } if (ver < 1) { Index: agi/eagi-sphinx-test.c =================================================================== --- agi/eagi-sphinx-test.c (revision 211538) +++ agi/eagi-sphinx-test.c (revision 211539) @@ -223,7 +223,7 @@ connect_sphinx(); tmp = getenv("agi_enhanced"); if (tmp) { - if (sscanf(tmp, "%d.%d", &ver, &subver) != 2) + if (sscanf(tmp, "%30d.%30d", &ver, &subver) != 2) ver = 0; } if (ver < 1) { Index: cel/cel_adaptive_odbc.c =================================================================== --- cel/cel_adaptive_odbc.c (revision 211538) +++ cel/cel_adaptive_odbc.c (revision 211539) @@ -503,7 +503,7 @@ case SQL_TYPE_DATE: { int year = 0, month = 0, day = 0; - if (sscanf(colptr, "%d-%d-%d", &year, &month, &day) != 3 || year <= 0 || + if (sscanf(colptr, "%4d-%2d-%2d", &year, &month, &day) != 3 || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || ((month == 4 || month == 6 || month == 9 || month == 11) && day == 31) || (month == 2 && year % 400 == 0 && day > 29) || @@ -526,7 +526,7 @@ case SQL_TYPE_TIME: { int hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d:%d:%d", &hour, &minute, &second); + int count = sscanf(colptr, "%2d:%2d:%2d", &hour, &minute, &second); if ((count != 2 && count != 3) || hour < 0 || hour > 23 || minute < 0 || minute > 59 || second < 0 || second > 59) { ast_log(LOG_WARNING, "CEL variable %s is not a valid time ('%s').\n", entry->name, colptr); @@ -542,7 +542,7 @@ case SQL_TIMESTAMP: { int year = 0, month = 0, day = 0, hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d-%d-%d %d:%d:%d", &year, &month, &day, &hour, &minute, &second); + int count = sscanf(colptr, "%4d-%2d-%2d %2d:%2d:%2d", &year, &month, &day, &hour, &minute, &second); if ((count != 3 && count != 5 && count != 6) || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || @@ -570,7 +570,7 @@ int integer = 0; if (strcasecmp(entry->name, "eventtype") == 0) { integer = (int) record.event_type; - } else if (sscanf(colptr, "%d", &integer) != 1) { + } else if (sscanf(colptr, "%30d", &integer) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an integer.\n", entry->name); continue; } @@ -585,7 +585,7 @@ long long integer = 0; if (strcasecmp(entry->name, "eventtype") == 0) { integer = (long long) record.event_type; - } else if (sscanf(colptr, "%lld", &integer) != 1) { + } else if (sscanf(colptr, "%30lld", &integer) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an integer.\n", entry->name); continue; } @@ -600,7 +600,7 @@ short integer = 0; if (strcasecmp(entry->name, "eventtype") == 0) { integer = (short) record.event_type; - } else if (sscanf(colptr, "%hd", &integer) != 1) { + } else if (sscanf(colptr, "%30hd", &integer) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an integer.\n", entry->name); continue; } @@ -615,7 +615,7 @@ char integer = 0; if (strcasecmp(entry->name, "eventtype") == 0) { integer = (char) record.event_type; - } else if (sscanf(colptr, "%hhd", &integer) != 1) { + } else if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an integer.\n", entry->name); continue; } @@ -630,7 +630,7 @@ char integer = 0; if (strcasecmp(entry->name, "eventtype") == 0) { integer = (char) record.event_type; - } else if (sscanf(colptr, "%hhd", &integer) != 1) { + } else if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an integer.\n", entry->name); continue; } @@ -648,7 +648,7 @@ double number = 0.0; if (strcasecmp(entry->name, "eventtype") == 0) { number = (double)record.event_type; - } else if (sscanf(colptr, "%lf", &number) != 1) { + } else if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an numeric type.\n", entry->name); continue; } @@ -665,7 +665,7 @@ double number = 0.0; if (strcasecmp(entry->name, "eventtype") == 0) { number = (double) record.event_type; - } else if (sscanf(colptr, "%lf", &number) != 1) { + } else if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CEL variable %s is not an numeric type.\n", entry->name); continue; } Index: cel/cel_pgsql.c =================================================================== --- cel/cel_pgsql.c (revision 211538) +++ cel/cel_pgsql.c (revision 211539) @@ -244,7 +244,7 @@ } if (strncmp(cur->type, "int", 3) == 0) { long long whatever; - if (value && sscanf(value, "%lld", &whatever) == 1) { + if (value && sscanf(value, "%30lld", &whatever) == 1) { LENGTHEN_BUF2(26); ast_str_append(&sql2, 0, "%s%lld", SEP, whatever); } else { @@ -253,7 +253,7 @@ } } else if (strncmp(cur->type, "float", 5) == 0) { long double whatever; - if (value && sscanf(value, "%Lf", &whatever) == 1) { + if (value && sscanf(value, "%30Lf", &whatever) == 1) { LENGTHEN_BUF2(51); ast_str_append(&sql2, 0, "%s%30Lf", SEP, whatever); } else { @@ -493,7 +493,7 @@ ast_verb(4, "Found column '%s' of type '%s'\n", fname, ftype); cur = ast_calloc(1, sizeof(*cur) + strlen(fname) + strlen(ftype) + 2); if (cur) { - sscanf(flen, "%d", &cur->len); + sscanf(flen, "%30d", &cur->len); cur->name = (char *)cur + sizeof(*cur); cur->type = (char *)cur + sizeof(*cur) + strlen(fname) + 1; strcpy(cur->name, fname); Index: apps/app_stack.c =================================================================== --- apps/app_stack.c (revision 211538) +++ apps/app_stack.c (revision 211539) @@ -570,7 +570,7 @@ ast_debug(1, "Gosub called with %d arguments: 0:%s 1:%s 2:%s 3:%s 4:%s\n", argc, argv[0], argv[1], argv[2], argv[3], argc == 5 ? argv[4] : ""); - if (sscanf(argv[3], "%d", &priority) != 1 || priority < 1) { + if (sscanf(argv[3], "%30d", &priority) != 1 || priority < 1) { /* Lookup the priority label */ if ((priority = ast_findlabel_extension(chan, argv[1], argv[2], argv[3], chan->cid.cid_num)) < 0) { ast_log(LOG_ERROR, "Priority '%s' not found in '%s@%s'\n", argv[3], argv[2], argv[1]); Index: apps/app_chanspy.c =================================================================== --- apps/app_chanspy.c (revision 211538) +++ apps/app_chanspy.c (revision 211539) @@ -1037,7 +1037,7 @@ if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) { int vol; - if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4)) + if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4)) ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n"); else volfactor = vol; @@ -1158,7 +1158,7 @@ if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) { int vol; - if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4)) + if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4)) ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n"); else volfactor = vol; Index: apps/app_adsiprog.c =================================================================== --- apps/app_adsiprog.c (revision 211538) +++ apps/app_adsiprog.c (revision 211539) @@ -201,7 +201,7 @@ if (!(argtype & ARG_NUMBER)) return -1; /* Octal value */ - if (sscanf(src, "%o", (int *)out) != 1) + if (sscanf(src, "%30o", (int *)out) != 1) return -1; if (argtype & ARG_STRING) { /* Convert */ @@ -211,7 +211,7 @@ if (!(argtype & ARG_NUMBER)) return -1; /* Hex value */ - if (sscanf(src + 2, "%x", (unsigned int *)out) != 1) + if (sscanf(src + 2, "%30x", (unsigned int *)out) != 1) return -1; if (argtype & ARG_STRING) { /* Convert */ @@ -221,7 +221,7 @@ if (!(argtype & ARG_NUMBER)) return -1; /* Hex value */ - if (sscanf(src, "%d", (int *)out) != 1) + if (sscanf(src, "%30d", (int *)out) != 1) return -1; if (argtype & ARG_STRING) { /* Convert */ Index: apps/app_alarmreceiver.c =================================================================== --- apps/app_alarmreceiver.c (revision 211538) +++ apps/app_alarmreceiver.c (revision 211539) @@ -124,7 +124,7 @@ return; } - sscanf(value, "%u", &v); + sscanf(value, "%30u", &v); v++; ast_verb(4, "AlarmReceiver: New value for %s: %u\n", key, v); Index: apps/app_talkdetect.c =================================================================== --- apps/app_talkdetect.c (revision 211538) +++ apps/app_talkdetect.c (revision 211539) @@ -105,16 +105,16 @@ tmp = ast_strdupa(data); AST_STANDARD_APP_ARGS(args, tmp); - if (!ast_strlen_zero(args.silence) && (sscanf(args.silence, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.silence) && (sscanf(args.silence, "%30d", &x) == 1) && (x > 0)) { sil = x; } - if (!ast_strlen_zero(args.min) && (sscanf(args.min, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.min) && (sscanf(args.min, "%30d", &x) == 1) && (x > 0)) { min = x; } - if (!ast_strlen_zero(args.max) && (sscanf(args.max, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.max) && (sscanf(args.max, "%30d", &x) == 1) && (x > 0)) { max = x; } - if (!ast_strlen_zero(args.analysistime) && (sscanf(args.analysistime, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.analysistime) && (sscanf(args.analysistime, "%30d", &x) == 1) && (x > 0)) { analysistime = x; } Index: apps/app_setcallerid.c =================================================================== --- apps/app_setcallerid.c (revision 211538) +++ apps/app_setcallerid.c (revision 211539) @@ -95,7 +95,7 @@ } /* For interface consistency, permit the argument to be specified as a number */ - if (sscanf(data, "%d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) { + if (sscanf(data, "%30d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) { pres = ast_parse_caller_presentation(data); } Index: apps/app_rpt.c =================================================================== --- apps/app_rpt.c (revision 211538) +++ apps/app_rpt.c (revision 211539) @@ -2106,7 +2106,7 @@ } /* leave this %i alone, non-base-10 input is useful here */ - if (sscanf(str, "%i", &ret) != 1) { + if (sscanf(str, "%30i", &ret) != 1) { return -1; } @@ -2333,7 +2333,7 @@ /* do not use atoi() here, we need to be able to have the input specified in hex or decimal so we use sscanf with a %i */ - if ((!val) || (sscanf(val,"%i",&rpt_vars[n].p.iobase) != 1)) + if ((!val) || (sscanf(val,"%30i",&rpt_vars[n].p.iobase) != 1)) rpt_vars[n].p.iobase = DEFAULT_IOBASE; val = (char *) ast_variable_retrieve(cfg,this,"ioport"); rpt_vars[n].p.ioport = val; @@ -3650,7 +3650,7 @@ tonesubset = strsep(&stringp,")"); if(!tonesubset) break; - if(sscanf(tonesubset,"(%d,%d,%d,%d", &f1, &f2, &duration, &litude) != 4) + if(sscanf(tonesubset,"(%30d,%30d,%30d,%30d", &f1, &f2, &duration, &litude) != 4) break; res = play_tone_pair(chan, f1, f2, duration, amplitude); if(res) @@ -5072,7 +5072,7 @@ p = strstr(tdesc, "version"); if(!p) break; - if(sscanf(p, "version %d.%d", &vmajor, &vminor) != 2) + if(sscanf(p, "version %30d.%30d", &vmajor, &vminor) != 2) break; wait_interval(myrpt, DLY_TELEM, mychannel); /* Wait a little bit */ /* Say "version" */ @@ -6680,6 +6680,8 @@ static void handle_link_data(struct rpt *myrpt, struct rpt_link *mylink, char *str) { +/* XXX ATTENTION: if you change the size of these arrays you MUST + * change the limits in corresponding sscanf() calls below. */ char tmp[512],tmp1[512],cmd[300] = "",dest[300],src[300],c; int i,seq, res, ts; struct rpt_link *l; @@ -6718,7 +6720,7 @@ } if (tmp[0] == 'K') { - if (sscanf(tmp,"%s %s %s %d %d",cmd,dest,src,&seq,&ts) != 5) + if (sscanf(tmp, "%299s %299s %299s %30d %30d", cmd, dest, src, &seq, &ts) != 5) { ast_log(LOG_WARNING, "Unable to parse keying string %s\n",str); return; @@ -6826,7 +6828,9 @@ } if (tmp[0] == 'I') { - if (sscanf(tmp,"%s %s %x",cmd,src,&seq) != 3) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %30x",cmd,src,&seq) != 3) { ast_log(LOG_WARNING, "Unable to parse ident string %s\n",str); return; @@ -6836,7 +6840,9 @@ } else { - if (sscanf(tmp,"%s %s %s %d %c",cmd,dest,src,&seq,&c) != 5) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %299s %30d %1c",cmd,dest,src,&seq,&c) != 5) { ast_log(LOG_WARNING, "Unable to parse link string %s\n",str); return; @@ -10231,6 +10237,8 @@ static int handle_remote_data(struct rpt *myrpt, char *str) { +/* XXX ATTENTION: if you change the size of these arrays you MUST + * change the limits in corresponding sscanf() calls below. */ char tmp[300],cmd[300],dest[300],src[300],c; int seq,res; @@ -10246,7 +10254,9 @@ #ifndef DO_NOT_NOTIFY_MDC1200_ON_REMOTE_BASES if (tmp[0] == 'I') { - if (sscanf(tmp,"%s %s %x",cmd,src,&seq) != 3) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %30x",cmd,src,&seq) != 3) { ast_log(LOG_WARNING, "Unable to parse ident string %s\n",str); return 0; @@ -10255,7 +10265,9 @@ return 0; } #endif - if (sscanf(tmp,"%s %s %s %d %c",cmd,dest,src,&seq,&c) != 5) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %299s %30d %1c",cmd,dest,src,&seq,&c) != 5) { ast_log(LOG_WARNING, "Unable to parse link string %s\n",str); return 0; @@ -11886,7 +11898,7 @@ p = strstr(tdesc, "version"); if(p){ int vmajor,vminor; - if(sscanf(p, "version %d.%d", &vmajor, &vminor) == 2) + if(sscanf(p, "version %30d.%30d", &vmajor, &vminor) == 2) sprintf(str + strlen(str),"&apprptvers=%d.%d",vmajor,vminor); } time(&now); Index: apps/app_mixmonitor.c =================================================================== --- apps/app_mixmonitor.c (revision 211538) +++ apps/app_mixmonitor.c (revision 211539) @@ -459,7 +459,7 @@ if (ast_test_flag(&flags, MUXFLAG_READVOLUME)) { if (ast_strlen_zero(opts[OPT_ARG_READVOLUME])) { ast_log(LOG_WARNING, "No volume level was provided for the heard volume ('v') option.\n"); - } else if ((sscanf(opts[OPT_ARG_READVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) { + } else if ((sscanf(opts[OPT_ARG_READVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) { ast_log(LOG_NOTICE, "Heard volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_READVOLUME]); } else { readvol = get_volfactor(x); @@ -469,7 +469,7 @@ if (ast_test_flag(&flags, MUXFLAG_WRITEVOLUME)) { if (ast_strlen_zero(opts[OPT_ARG_WRITEVOLUME])) { ast_log(LOG_WARNING, "No volume level was provided for the spoken volume ('V') option.\n"); - } else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) { + } else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) { ast_log(LOG_NOTICE, "Spoken volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_WRITEVOLUME]); } else { writevol = get_volfactor(x); @@ -479,7 +479,7 @@ if (ast_test_flag(&flags, MUXFLAG_VOLUME)) { if (ast_strlen_zero(opts[OPT_ARG_VOLUME])) { ast_log(LOG_WARNING, "No volume level was provided for the combined volume ('W') option.\n"); - } else if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) { + } else if ((sscanf(opts[OPT_ARG_VOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) { ast_log(LOG_NOTICE, "Combined volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_VOLUME]); } else { readvol = writevol = get_volfactor(x); Index: apps/app_readfile.c =================================================================== --- apps/app_readfile.c (revision 211538) +++ apps/app_readfile.c (revision 211539) @@ -94,7 +94,7 @@ } if (length) { - if ((sscanf(length, "%d", &len) != 1) || (len < 0)) { + if ((sscanf(length, "%30d", &len) != 1) || (len < 0)) { ast_log(LOG_WARNING, "%s is not a positive number, defaulting length to max\n", length); len = 0; } Index: apps/app_meetme.c =================================================================== --- apps/app_meetme.c (revision 211538) +++ apps/app_meetme.c (revision 211539) @@ -1206,7 +1206,7 @@ AST_LIST_INSERT_HEAD(&confs, cnf, list); /* Reserve conference number in map */ - if ((sscanf(cnf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) + if ((sscanf(cnf->confno, "%30d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) conf_map[confno_int] = 1; cnfout: @@ -1874,7 +1874,7 @@ AST_LIST_LOCK(&confs); if (ast_atomic_dec_and_test(&conf->refcount)) { /* Take the conference room number out of an inuse state */ - if ((sscanf(conf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) { + if ((sscanf(conf->confno, "%4d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) { conf_map[confno_int] = 0; } conf_free(conf); @@ -2101,7 +2101,7 @@ /* Possible timeout waiting for marked user */ if ((confflags & CONFFLAG_WAITMARKED) && !ast_strlen_zero(optargs[OPT_ARG_WAITMARKED]) && - (sscanf(optargs[OPT_ARG_WAITMARKED], "%d", &opt_waitmarked_timeout) == 1) && + (sscanf(optargs[OPT_ARG_WAITMARKED], "%30d", &opt_waitmarked_timeout) == 1) && (opt_waitmarked_timeout > 0)) { timeout = time(NULL) + opt_waitmarked_timeout; } @@ -3857,7 +3857,7 @@ if (!res) ast_waitstream(chan, ""); } else { - if (sscanf(confno, "%d", &confno_int) == 1) { + if (sscanf(confno, "%30d", &confno_int) == 1) { if (!ast_test_flag(&confflags, CONFFLAG_QUIET)) { res = ast_streamfile(chan, "conf-enteringno", chan->language); if (!res) { @@ -3994,7 +3994,7 @@ struct ast_conf_user *user = NULL; int cid; - sscanf(callerident, "%i", &cid); + sscanf(callerident, "%30i", &cid); if (conf && callerident) { AST_LIST_TRAVERSE(&conf->userlist, user, list) { if (cid == user->user_no) @@ -4501,7 +4501,7 @@ rt_log_members = 1; if ((val = ast_variable_retrieve(cfg, "general", "audiobuffers"))) { - if ((sscanf(val, "%d", &audio_buffers) != 1)) { + if ((sscanf(val, "%30d", &audio_buffers) != 1)) { ast_log(LOG_WARNING, "audiobuffers setting must be a number, not '%s'\n", val); audio_buffers = DEFAULT_AUDIO_BUFFERS; } else if ((audio_buffers < DAHDI_DEFAULT_NUM_BUFS) || (audio_buffers > DAHDI_MAX_NUM_BUFS)) { @@ -4518,25 +4518,25 @@ if ((val = ast_variable_retrieve(cfg, "general", "logmembercount"))) rt_log_members = ast_true(val); if ((val = ast_variable_retrieve(cfg, "general", "fuzzystart"))) { - if ((sscanf(val, "%d", &fuzzystart) != 1)) { + if ((sscanf(val, "%30d", &fuzzystart) != 1)) { ast_log(LOG_WARNING, "fuzzystart must be a number, not '%s'\n", val); fuzzystart = 0; } } if ((val = ast_variable_retrieve(cfg, "general", "earlyalert"))) { - if ((sscanf(val, "%d", &earlyalert) != 1)) { + if ((sscanf(val, "%30d", &earlyalert) != 1)) { ast_log(LOG_WARNING, "earlyalert must be a number, not '%s'\n", val); earlyalert = 0; } } if ((val = ast_variable_retrieve(cfg, "general", "endalert"))) { - if ((sscanf(val, "%d", &endalert) != 1)) { + if ((sscanf(val, "%30d", &endalert) != 1)) { ast_log(LOG_WARNING, "endalert must be a number, not '%s'\n", val); endalert = 0; } } if ((val = ast_variable_retrieve(cfg, "general", "extendby"))) { - if ((sscanf(val, "%d", &extendby) != 1)) { + if ((sscanf(val, "%30d", &extendby) != 1)) { ast_log(LOG_WARNING, "extendby must be a number, not '%s'\n", val); extendby = 0; } @@ -6102,7 +6102,7 @@ if (!strcasecmp(var->name, "autocontext")) ast_string_field_set(trunk, autocontext, var->value); else if (!strcasecmp(var->name, "ringtimeout")) { - if (sscanf(var->value, "%u", &trunk->ring_timeout) != 1) { + if (sscanf(var->value, "%30u", &trunk->ring_timeout) != 1) { ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for trunk '%s'\n", var->value, trunk->name); trunk->ring_timeout = 0; @@ -6178,13 +6178,13 @@ char *name, *value = cur; name = strsep(&value, "="); if (!strcasecmp(name, "ringtimeout")) { - if (sscanf(value, "%u", &trunk_ref->ring_timeout) != 1) { + if (sscanf(value, "%30u", &trunk_ref->ring_timeout) != 1) { ast_log(LOG_WARNING, "Invalid ringtimeout value '%s' for " "trunk '%s' on station '%s'\n", value, trunk->name, station->name); trunk_ref->ring_timeout = 0; } } else if (!strcasecmp(name, "ringdelay")) { - if (sscanf(value, "%u", &trunk_ref->ring_delay) != 1) { + if (sscanf(value, "%30u", &trunk_ref->ring_delay) != 1) { ast_log(LOG_WARNING, "Invalid ringdelay value '%s' for " "trunk '%s' on station '%s'\n", value, trunk->name, station->name); trunk_ref->ring_delay = 0; @@ -6233,13 +6233,13 @@ else if (!strcasecmp(var->name, "autocontext")) ast_string_field_set(station, autocontext, var->value); else if (!strcasecmp(var->name, "ringtimeout")) { - if (sscanf(var->value, "%u", &station->ring_timeout) != 1) { + if (sscanf(var->value, "%30u", &station->ring_timeout) != 1) { ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for station '%s'\n", var->value, station->name); station->ring_timeout = 0; } } else if (!strcasecmp(var->name, "ringdelay")) { - if (sscanf(var->value, "%u", &station->ring_delay) != 1) { + if (sscanf(var->value, "%30u", &station->ring_delay) != 1) { ast_log(LOG_WARNING, "Invalid ringdelay '%s' specified for station '%s'\n", var->value, station->name); station->ring_delay = 0; Index: apps/app_morsecode.c =================================================================== --- apps/app_morsecode.c (revision 211538) +++ apps/app_morsecode.c (revision 211539) @@ -132,7 +132,7 @@ /* Use variable MORESEDITLEN, if set (else 80) */ ast_channel_lock(chan); ditlenc = pbx_builtin_getvar_helper(chan, "MORSEDITLEN"); - if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%d", &ditlen) != 1)) { + if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%30d", &ditlen) != 1)) { ditlen = 80; } ast_channel_unlock(chan); @@ -140,7 +140,7 @@ /* Use variable MORSETONE, if set (else 800) */ ast_channel_lock(chan); tonec = pbx_builtin_getvar_helper(chan, "MORSETONE"); - if (ast_strlen_zero(tonec) || (sscanf(tonec, "%d", &tone) != 1)) { + if (ast_strlen_zero(tonec) || (sscanf(tonec, "%30d", &tone) != 1)) { tone = 800; } ast_channel_unlock(chan); Index: apps/app_minivm.c =================================================================== --- apps/app_minivm.c (revision 211538) +++ apps/app_minivm.c (revision 211539) @@ -2169,7 +2169,7 @@ if (ast_test_flag(&flags, OPT_RECORDGAIN)) { int gain; - if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) { + if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) { ast_log(LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]); return -1; } else @@ -2596,7 +2596,7 @@ } else if (!strcasecmp(var->name, "pager")) { ast_copy_string(vmu->pager, var->value, sizeof(vmu->pager)); } else if (!strcasecmp(var->name, "volgain")) { - sscanf(var->value, "%lf", &vmu->volgain); + sscanf(var->value, "%30lf", &vmu->volgain); } else { ast_log(LOG_ERROR, "Unknown configuration option for minivm account %s : %s\n", name, var->name); } @@ -2766,7 +2766,7 @@ global_silencethreshold = atoi(var->value); } else if (!strcmp(var->name, "maxmessage")) { int x; - if (sscanf(var->value, "%d", &x) == 1) { + if (sscanf(var->value, "%30d", &x) == 1) { global_vmmaxmessage = x; } else { error ++; @@ -2774,7 +2774,7 @@ } } else if (!strcmp(var->name, "minmessage")) { int x; - if (sscanf(var->value, "%d", &x) == 1) { + if (sscanf(var->value, "%30d", &x) == 1) { global_vmminmessage = x; if (global_maxsilence <= global_vmminmessage) ast_log(LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n"); Index: apps/app_macro.c =================================================================== --- apps/app_macro.c (revision 211538) +++ apps/app_macro.c (revision 211539) @@ -266,12 +266,12 @@ /* does the user want a deeper rabbit hole? */ ast_channel_lock(chan); if ((s = pbx_builtin_getvar_helper(chan, "MACRO_RECURSION"))) { - sscanf(s, "%d", &maxdepth); + sscanf(s, "%30d", &maxdepth); } /* Count how many levels deep the rabbit hole goes */ if ((s = pbx_builtin_getvar_helper(chan, "MACRO_DEPTH"))) { - sscanf(s, "%d", &depth); + sscanf(s, "%30d", &depth); } /* Used for detecting whether to return when a Macro is called from another Macro after hangup */ @@ -279,7 +279,7 @@ pbx_builtin_setvar_helper(chan, "MACRO_IN_HANGUP", "1"); if ((inhangupc = pbx_builtin_getvar_helper(chan, "MACRO_IN_HANGUP"))) { - sscanf(inhangupc, "%d", &inhangup); + sscanf(inhangupc, "%30d", &inhangup); } ast_channel_unlock(chan); @@ -543,7 +543,7 @@ if ((offsets = pbx_builtin_getvar_helper(chan, "MACRO_OFFSET"))) { /* Handle macro offset if it's set by checking the availability of step n + offset + 1, otherwise continue normally if there is any problem */ - if (sscanf(offsets, "%d", &offset) == 1) { + if (sscanf(offsets, "%30d", &offset) == 1) { if (ast_exists_extension(chan, chan->context, chan->exten, chan->priority + offset + 1, chan->cid.cid_num)) { chan->priority += offset; } Index: apps/app_sms.c =================================================================== --- apps/app_sms.c (revision 211538) +++ apps/app_sms.c (revision 211539) @@ -878,7 +878,7 @@ } else if (!strcmp(line, "scts")) { /* get date/time */ int Y, m, d, H, M, S; /* XXX Why aren't we using ast_strptime here? */ - if (sscanf(p, "%d-%d-%dT%d:%d:%d", &Y, &m, &d, &H, &M, &S) == 6) { + if (sscanf(p, "%4d-%2d-%2dT%2d:%2d:%2d", &Y, &m, &d, &H, &M, &S) == 6) { struct ast_tm t = { 0, }; t.tm_year = Y - 1900; t.tm_mon = m - 1; Index: apps/app_verbose.c =================================================================== --- apps/app_verbose.c (revision 211538) +++ apps/app_verbose.c (revision 211539) @@ -92,7 +92,7 @@ args.level = "0"; } - if (sscanf(args.level, "%d", &vsize) != 1) { + if (sscanf(args.level, "%30d", &vsize) != 1) { vsize = 0; ast_log(LOG_WARNING, "'%s' is not a verboser number\n", args.level); } Index: apps/app_voicemail.c =================================================================== --- apps/app_voicemail.c (revision 211538) +++ apps/app_voicemail.c (revision 211539) @@ -926,7 +926,7 @@ } else if (!strcasecmp(var, "sayduration")){ ast_set2_flag(vmu, ast_true(value), VM_SAYDURATION); } else if (!strcasecmp(var, "saydurationm")){ - if (sscanf(value, "%d", &x) == 1) { + if (sscanf(value, "%30d", &x) == 1) { vmu->saydurationm = x; } else { ast_log(AST_LOG_WARNING, "Invalid min duration for say duration\n"); @@ -960,7 +960,7 @@ vmu->maxmsg = MAXMSGLIMIT; } } else if (!strcasecmp(var, "backupdeleted")) { - if (sscanf(value, "%d", &x) == 1) + if (sscanf(value, "%30d", &x) == 1) vmu->maxdeletedmsg = x; else if (ast_true(value)) vmu->maxdeletedmsg = MAXMSG; @@ -975,7 +975,7 @@ vmu->maxdeletedmsg = MAXMSGLIMIT; } } else if (!strcasecmp(var, "volgain")) { - sscanf(value, "%lf", &vmu->volgain); + sscanf(value, "%30lf", &vmu->volgain); } else if (!strcasecmp(var, "options")) { apply_options(vmu, value); } @@ -3105,7 +3105,7 @@ ast_odbc_release_obj(obj); goto yuck; } - if (sscanf(rowdata, "%d", &x) != 1) + if (sscanf(rowdata, "%30d", &x) != 1) ast_log(AST_LOG_WARNING, "Failed to read message count!\n"); SQLFreeHandle (SQL_HANDLE_STMT, stmt); ast_odbc_release_obj(obj); @@ -3160,7 +3160,7 @@ ast_odbc_release_obj(obj); goto yuck; } - if (sscanf(rowdata, "%d", &x) != 1) + if (sscanf(rowdata, "%30d", &x) != 1) ast_log(AST_LOG_WARNING, "Failed to read message count!\n"); SQLFreeHandle (SQL_HANDLE_STMT, stmt); ast_odbc_release_obj(obj); @@ -3578,7 +3578,7 @@ * find each file. */ msgdir = opendir(dir); while ((msgdirent = readdir(msgdir))) { - if (sscanf(msgdirent->d_name, "msg%d", &msgdirint) == 1 && msgdirint < MAXMSGLIMIT) + if (sscanf(msgdirent->d_name, "msg%30d", &msgdirint) == 1 && msgdirint < MAXMSGLIMIT) map[msgdirint] = 1; } closedir(msgdir); @@ -3903,7 +3903,7 @@ pbx_builtin_setvar_helper(ast, "ORIG_VM_CIDNUM", origcidnum); } - if ((origtime = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(origtime, "%d", &inttime) == 1) { + if ((origtime = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(origtime, "%30d", &inttime) == 1) { struct timeval tv = { inttime, }; struct ast_tm tm; ast_localtime(&tv, &tm, NULL); @@ -4258,7 +4258,7 @@ /* You might be tempted to do origdate, except that a) it's in the wrong * format, and b) it's missing for IMAP recordings. */ - if ((v = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(v, "%d", &inttime) == 1) { + if ((v = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(v, "%30d", &inttime) == 1) { struct timeval tv = { inttime, }; struct ast_tm tm; ast_localtime(&tv, &tm, NULL); @@ -9013,7 +9013,7 @@ if (ast_test_flag(&flags, OPT_RECORDGAIN)) { int gain; if (!ast_strlen_zero(opts[OPT_ARG_RECORDGAIN])) { - if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) { + if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) { ast_log(AST_LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]); return -1; } else { @@ -9026,7 +9026,7 @@ if (ast_test_flag(&flags, OPT_AUTOPLAY) ) { play_auto = 1; if (opts[OPT_ARG_PLAYFOLDER]) { - if (sscanf(opts[OPT_ARG_PLAYFOLDER], "%d", &play_folder) != 1) { + if (sscanf(opts[OPT_ARG_PLAYFOLDER], "%30d", &play_folder) != 1) { ast_log(AST_LOG_WARNING, "Invalid value '%s' provided for folder autoplay option\n", opts[OPT_ARG_PLAYFOLDER]); } } else { @@ -9692,7 +9692,7 @@ if (ast_test_flag(&flags, OPT_RECORDGAIN)) { int gain; - if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) { + if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) { ast_log(AST_LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]); return -1; } else { @@ -10529,7 +10529,7 @@ volgain = 0.0; if ((val = ast_variable_retrieve(cfg, "general", "volgain"))) - sscanf(val, "%lf", &volgain); + sscanf(val, "%30lf", &volgain); #ifdef ODBC_STORAGE strcpy(odbc_database, "asterisk"); @@ -10569,7 +10569,7 @@ if (!(val = ast_variable_retrieve(cfg, "general", "backupdeleted"))) { maxdeletedmsg = 0; } else { - if (sscanf(val, "%d", &x) == 1) + if (sscanf(val, "%30d", &x) == 1) maxdeletedmsg = x; else if (ast_true(val)) maxdeletedmsg = MAXMSG; @@ -10721,7 +10721,7 @@ vmmaxsecs = 0; if ((val = ast_variable_retrieve(cfg, "general", "maxsecs"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmmaxsecs = x; } else { ast_log(AST_LOG_WARNING, "Invalid max message time length\n"); @@ -10732,7 +10732,7 @@ maxmessage_deprecate = 1; ast_log(AST_LOG_WARNING, "Setting 'maxmessage' has been deprecated in favor of 'maxsecs'.\n"); } - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmmaxsecs = x; } else { ast_log(AST_LOG_WARNING, "Invalid max message time length\n"); @@ -10741,7 +10741,7 @@ vmminsecs = 0; if ((val = ast_variable_retrieve(cfg, "general", "minsecs"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmminsecs = x; if (maxsilence / 1000 >= vmminsecs) { ast_log(AST_LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n"); @@ -10755,7 +10755,7 @@ maxmessage_deprecate = 1; ast_log(AST_LOG_WARNING, "Setting 'minmessage' has been deprecated in favor of 'minsecs'.\n"); } - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmminsecs = x; if (maxsilence / 1000 >= vmminsecs) { ast_log(AST_LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n"); @@ -10772,7 +10772,7 @@ skipms = 3000; if ((val = ast_variable_retrieve(cfg, "general", "maxgreet"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { maxgreet = x; } else { ast_log(AST_LOG_WARNING, "Invalid max message greeting length\n"); @@ -10780,7 +10780,7 @@ } if ((val = ast_variable_retrieve(cfg, "general", "skipms"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { skipms = x; } else { ast_log(AST_LOG_WARNING, "Invalid skipms value\n"); @@ -10789,7 +10789,7 @@ maxlogins = 3; if ((val = ast_variable_retrieve(cfg, "general", "maxlogins"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { maxlogins = x; } else { ast_log(AST_LOG_WARNING, "Invalid max failed login attempts\n"); @@ -10798,7 +10798,7 @@ minpassword = MINPASSWORD; if ((val = ast_variable_retrieve(cfg, "general", "minpassword"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { minpassword = x; } else { ast_log(AST_LOG_WARNING, "Invalid minimum password length. Default to %d\n", minpassword); @@ -10894,7 +10894,7 @@ saydurationminfo = 2; if ((val = ast_variable_retrieve(cfg, "general", "saydurationm"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { saydurationminfo = x; } else { ast_log(AST_LOG_WARNING, "Invalid min duration for say duration\n"); @@ -10959,7 +10959,7 @@ poll_freq = DEFAULT_POLL_FREQ; if ((val = ast_variable_retrieve(cfg, "general", "pollfreq"))) { - if (sscanf(val, "%u", &poll_freq) != 1) { + if (sscanf(val, "%30u", &poll_freq) != 1) { poll_freq = DEFAULT_POLL_FREQ; ast_log(AST_LOG_ERROR, "'%s' is not a valid value for the pollfreq option!\n", val); } Index: apps/app_waitforsilence.c =================================================================== --- apps/app_waitforsilence.c (revision 211538) +++ apps/app_waitforsilence.c (revision 211539) @@ -214,9 +214,9 @@ res = ast_answer(chan); /* Answer the channel */ } - if (!data || ( (sscanf(data, "%d,%d,%d", &timereqd, &iterations, &timeout) != 3) && - (sscanf(data, "%d,%d", &timereqd, &iterations) != 2) && - (sscanf(data, "%d", &timereqd) != 1) ) ) { + if (!data || ( (sscanf(data, "%30d,%30d,%30d", &timereqd, &iterations, &timeout) != 3) && + (sscanf(data, "%30d,%30d", &timereqd, &iterations) != 2) && + (sscanf(data, "%30d", &timereqd) != 1) ) ) { ast_log(LOG_WARNING, "Using default value of 1000ms, 1 iteration, no timeout\n"); } Index: apps/app_disa.c =================================================================== --- apps/app_disa.c (revision 211538) +++ apps/app_disa.c (revision 211539) @@ -250,7 +250,7 @@ if (!(k&1)) { /* if in password state */ if (j == '#') { /* end of password */ /* see if this is an integer */ - if (sscanf(args.passcode,"%d",&j) < 1) { /* nope, it must be a filename */ + if (sscanf(args.passcode,"%30d",&j) < 1) { /* nope, it must be a filename */ fp = fopen(args.passcode,"r"); if (!fp) { ast_log(LOG_WARNING,"DISA password file %s not found on chan %s\n",args.passcode,chan->name); @@ -276,7 +276,7 @@ ast_debug(1, "Mailbox: %s\n",args.mailbox); /* password must be in valid format (numeric) */ - if (sscanf(args.passcode,"%d", &j) < 1) + if (sscanf(args.passcode,"%30d", &j) < 1) continue; /* if we got it */ if (!strcmp(exten,args.passcode)) { Index: apps/app_osplookup.c =================================================================== --- apps/app_osplookup.c (revision 211538) +++ apps/app_osplookup.c (revision 211539) @@ -416,7 +416,7 @@ ast_log(LOG_WARNING, "OSP: Too many Service Points at line %d\n", v->lineno); } } else if (!strcasecmp(v->name, "maxconnections")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) { p->maxconnections = t; ast_debug(1, "OSP: maxconnections '%d'\n", t); } else { @@ -424,7 +424,7 @@ OSP_MIN_MAXCONNECTIONS, OSP_MAX_MAXCONNECTIONS, v->value, v->lineno); } } else if (!strcasecmp(v->name, "retrydelay")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) { p->retrydelay = t; ast_debug(1, "OSP: retrydelay '%d'\n", t); } else { @@ -432,7 +432,7 @@ OSP_MIN_RETRYDELAY, OSP_MAX_RETRYDELAY, v->value, v->lineno); } } else if (!strcasecmp(v->name, "retrylimit")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) { p->retrylimit = t; ast_debug(1, "OSP: retrylimit '%d'\n", t); } else { @@ -440,7 +440,7 @@ OSP_MIN_RETRYLIMIT, OSP_MAX_RETRYLIMIT, v->value, v->lineno); } } else if (!strcasecmp(v->name, "timeout")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) { p->timeout = t; ast_debug(1, "OSP: timeout '%d'\n", t); } else { @@ -451,7 +451,7 @@ ast_copy_string(p->source, v->value, sizeof(p->source)); ast_debug(1, "OSP: source '%s'\n", p->source); } else if (!strcasecmp(v->name, "authpolicy")) { - if ((sscanf(v->value, "%d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) { + if ((sscanf(v->value, "%30d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) { p->authpolicy = t; ast_debug(1, "OSP: authpolicy '%d'\n", t); } else { @@ -1588,11 +1588,11 @@ headp = &chan->varshead; AST_LIST_TRAVERSE(headp, current, entries) { if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) { result.inhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) { - if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) { result.intimelimit = OSP_DEF_TIMELIMIT; } } else if (!strcasecmp(ast_var_name(current), "OSPINNETWORKID")) { @@ -1734,7 +1734,7 @@ AST_STANDARD_APP_ARGS(args, tmp); - if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) { + if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) { cause = 0; } ast_debug(1, "OSPNext: cause '%d'\n", cause); @@ -1752,23 +1752,23 @@ headp = &chan->varshead; AST_LIST_TRAVERSE(headp, current, entries) { if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) { result.inhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &result.outhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.outhandle) != 1) { result.outhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) { - if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) { result.intimelimit = OSP_DEF_TIMELIMIT; } } else if (!strcasecmp(ast_var_name(current), "OSPOUTCALLIDTYPES")) { - if (sscanf(ast_var_value(current), "%d", &callidtypes) != 1) { + if (sscanf(ast_var_value(current), "%30d", &callidtypes) != 1) { callidtypes = OSP_CALLID_UNDEFINED; } } else if (!strcasecmp(ast_var_name(current), "OSPRESULTS")) { - if (sscanf(ast_var_value(current), "%d", &result.numresults) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.numresults) != 1) { result.numresults = 0; } } @@ -1889,11 +1889,11 @@ headp = &chan->varshead; AST_LIST_TRAVERSE(headp, current, entries) { if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &inhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &inhandle) != 1) { inhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &outhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &outhandle) != 1) { outhandle = OSP_INVALID_HANDLE; } } else if (!recorded && @@ -1910,7 +1910,7 @@ ast_debug(1, "OSPFinish: OSPOUTHANDLE '%d'\n", outhandle); ast_debug(1, "OSPFinish: recorded '%d'\n", recorded); - if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) { + if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) { cause = 0; } ast_debug(1, "OSPFinish: cause '%d'\n", cause); @@ -2012,7 +2012,7 @@ t = ast_variable_retrieve(cfg, OSP_GENERAL_CAT, "tokenformat"); if (t) { - if ((sscanf(t, "%d", &v) == 1) && + if ((sscanf(t, "%30d", &v) == 1) && ((v == TOKEN_ALGO_SIGNED) || (v == TOKEN_ALGO_UNSIGNED) || (v == TOKEN_ALGO_BOTH))) { osp_tokenformat = v; Index: apps/app_dahdibarge.c =================================================================== --- apps/app_dahdibarge.c (revision 211538) +++ apps/app_dahdibarge.c (revision 211539) @@ -267,8 +267,8 @@ char confnostr[80] = ""; if (!ast_strlen_zero(data)) { - if ((sscanf(data, "DAHDI/%d", &confno) != 1) && - (sscanf(data, "%d", &confno) != 1)) { + if ((sscanf(data, "DAHDI/%30d", &confno) != 1) && + (sscanf(data, "%30d", &confno) != 1)) { ast_log(LOG_WARNING, "DAHDIBarge Argument (if specified) must be a channel number, not '%s'\n", (char *)data); return 0; } @@ -282,7 +282,7 @@ confnostr[0] = '\0'; res = ast_app_getdata(chan, "conf-getchannel",confnostr, sizeof(confnostr) - 1, 0); if (res <0) goto out; - if (sscanf(confnostr, "%d", &confno) != 1) + if (sscanf(confnostr, "%30d", &confno) != 1) confno = 0; } if (confno) { Index: apps/app_privacy.c =================================================================== --- apps/app_privacy.c (revision 211538) +++ apps/app_privacy.c (revision 211539) @@ -111,13 +111,13 @@ AST_STANDARD_APP_ARGS(args, parse); if (args.maxretries) { - if (sscanf(args.maxretries, "%d", &x) == 1) + if (sscanf(args.maxretries, "%30d", &x) == 1) maxretries = x; else ast_log(LOG_WARNING, "Invalid max retries argument\n"); } if (args.minlength) { - if (sscanf(args.minlength, "%d", &x) == 1) + if (sscanf(args.minlength, "%30d", &x) == 1) minlength = x; else ast_log(LOG_WARNING, "Invalid min length argument\n"); Index: apps/app_record.c =================================================================== --- apps/app_record.c (revision 211538) +++ apps/app_record.c (revision 211539) @@ -190,7 +190,7 @@ return -1; } if (args.silence) { - if ((sscanf(args.silence, "%d", &i) == 1) && (i > -1)) { + if ((sscanf(args.silence, "%30d", &i) == 1) && (i > -1)) { silence = i * 1000; } else if (!ast_strlen_zero(args.silence)) { ast_log(LOG_WARNING, "'%s' is not a valid silence duration\n", args.silence); @@ -198,7 +198,7 @@ } if (args.maxduration) { - if ((sscanf(args.maxduration, "%d", &i) == 1) && (i > -1)) + if ((sscanf(args.maxduration, "%30d", &i) == 1) && (i > -1)) /* Convert duration to milliseconds */ maxduration = i * 1000; else if (!ast_strlen_zero(args.maxduration)) Index: apps/app_waituntil.c =================================================================== --- apps/app_waituntil.c (revision 211538) +++ apps/app_waituntil.c (revision 211539) @@ -82,7 +82,7 @@ return 0; } - if (sscanf(data, "%ld%lf", &seconds, &fraction) == 0) { + if (sscanf(data, "%30ld%30lf", &seconds, &fraction) == 0) { ast_log(LOG_WARNING, "WaitUntil called with non-numeric argument\n"); pbx_builtin_setvar_helper(chan, "WAITUNTILSTATUS", "FAILURE"); return 0; Index: apps/app_originate.c =================================================================== --- apps/app_originate.c (revision 211538) +++ apps/app_originate.c (revision 211539) @@ -136,7 +136,7 @@ if (args.argc == 5) { /* Context/Exten/Priority all specified */ - if (sscanf(args.arg3, "%d", &priority) != 1) { + if (sscanf(args.arg3, "%30d", &priority) != 1) { ast_log(LOG_ERROR, "Invalid priority: '%s'\n", args.arg3); goto return_cleanup; } Index: apps/app_queue.c =================================================================== --- apps/app_queue.c (revision 211538) +++ apps/app_queue.c (revision 211539) @@ -5155,7 +5155,7 @@ } if (!ast_strlen_zero(args.penalty)) { - if ((sscanf(args.penalty, "%d", &penalty) != 1) || penalty < 0) { + if ((sscanf(args.penalty, "%30d", &penalty) != 1) || penalty < 0) { ast_log(LOG_WARNING, "Penalty '%s' is invalid, must be an integer >= 0\n", args.penalty); penalty = 0; } @@ -5316,7 +5316,7 @@ ast_channel_lock(chan); user_priority = pbx_builtin_getvar_helper(chan, "QUEUE_PRIO"); if (user_priority) { - if (sscanf(user_priority, "%d", &prio) == 1) { + if (sscanf(user_priority, "%30d", &prio) == 1) { ast_debug(1, "%s: Got priority %d from ${QUEUE_PRIO}.\n", chan->name, prio); } else { ast_log(LOG_WARNING, "${QUEUE_PRIO}: Invalid value (%s), channel %s.\n", @@ -5331,7 +5331,7 @@ /* Get the maximum penalty from the variable ${QUEUE_MAX_PENALTY} */ if ((max_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MAX_PENALTY"))) { - if (sscanf(max_penalty_str, "%d", &max_penalty) == 1) { + if (sscanf(max_penalty_str, "%30d", &max_penalty) == 1) { ast_debug(1, "%s: Got max penalty %d from ${QUEUE_MAX_PENALTY}.\n", chan->name, max_penalty); } else { ast_log(LOG_WARNING, "${QUEUE_MAX_PENALTY}: Invalid value (%s), channel %s.\n", @@ -5343,7 +5343,7 @@ } if ((min_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MIN_PENALTY"))) { - if (sscanf(min_penalty_str, "%d", &min_penalty) == 1) { + if (sscanf(min_penalty_str, "%30d", &min_penalty) == 1) { ast_debug(1, "%s: Got min penalty %d from ${QUEUE_MIN_PENALTY}.\n", chan->name, min_penalty); } else { ast_log(LOG_WARNING, "${QUEUE_MIN_PENALTY}: Invalid value (%s), channel %s.\n", @@ -6712,7 +6712,7 @@ if (ast_strlen_zero(penalty_s)) penalty = 0; - else if (sscanf(penalty_s, "%d", &penalty) != 1 || penalty < 0) + else if (sscanf(penalty_s, "%30d", &penalty) != 1 || penalty < 0) penalty = 0; if (ast_strlen_zero(paused_s)) @@ -6952,7 +6952,7 @@ queuename = a->argv[5]; interface = a->argv[3]; if (a->argc >= 8) { - if (sscanf(a->argv[7], "%d", &penalty) == 1) { + if (sscanf(a->argv[7], "%30d", &penalty) == 1) { if (penalty < 0) { ast_cli(a->fd, "Penalty must be >= 0\n"); penalty = 0; Index: apps/app_followme.c =================================================================== --- apps/app_followme.c (revision 211538) +++ apps/app_followme.c (revision 211539) @@ -334,7 +334,7 @@ featuredigittostr = ast_variable_retrieve(cfg, "general", "featuredigittimeout"); if (!ast_strlen_zero(featuredigittostr)) { - if (!sscanf(featuredigittostr, "%d", &featuredigittimeout)) + if (!sscanf(featuredigittostr, "%30d", &featuredigittimeout)) featuredigittimeout = 5000; } @@ -956,7 +956,7 @@ if (!(numstr = ast_variable_retrieve(cfg, catg, "phonenumber"))) { continue; } - if (!(timeoutstr = ast_variable_retrieve(cfg, catg, "timeout")) || sscanf(timeoutstr, "%d", &timeout) != 1 || timeout < 1) { + if (!(timeoutstr = ast_variable_retrieve(cfg, catg, "timeout")) || sscanf(timeoutstr, "%30d", &timeout) != 1 || timeout < 1) { timeout = 25; } /* This one has to exist; it was part of the query */ Index: apps/app_waitforring.c =================================================================== --- apps/app_waitforring.c (revision 211538) +++ apps/app_waitforring.c (revision 211539) @@ -60,7 +60,7 @@ double s; int ms; - if (!data || (sscanf(data, "%lg", &s) != 1)) { + if (!data || (sscanf(data, "%30lg", &s) != 1)) { ast_log(LOG_WARNING, "WaitForRing requires an argument (minimum seconds)\n"); return 0; } Index: doc/CODING-GUIDELINES =================================================================== --- doc/CODING-GUIDELINES (revision 211538) +++ doc/CODING-GUIDELINES (revision 211539) @@ -412,6 +412,17 @@ use a direct strcpy(), as it can be inlined and optimized to simple processor operations, unlike ast_copy_string(). +* String conversions +-------------------- + +When converting from strings to integers or floats, use the sscanf function +in preference to the atoi and atof family of functions, as sscanf detects +errors. Always check the return value of sscanf to verify that your numeric +variables successfully scanned before using them. Also, to avoid a potential +libc bug, always specify a maximum width for each format specifier, including +integers and floats. A good length for both integers and floats is 30, as +this is more than generous, even if you're using doubles or long integers. + * Use of functions ------------------ Index: addons/app_saycountpl.c =================================================================== --- addons/app_saycountpl.c (revision 211538) +++ addons/app_saycountpl.c (revision 211539) @@ -107,7 +107,7 @@ return -1; } - if (sscanf(args.num, "%d", &inum) != 1) { + if (sscanf(args.num, "%30d", &inum) != 1) { ast_log(LOG_WARNING, "'%s' is not a valid number\n", args.num); return -1; } Index: addons/res_config_mysql.c =================================================================== --- addons/res_config_mysql.c (revision 211538) +++ addons/res_config_mysql.c (revision 211539) @@ -245,7 +245,7 @@ } if ((flen = strchr(ftype, '('))) { - sscanf(flen, "(%d)", &column->len); + sscanf(flen, "(%30d)", &column->len); } else { /* Columns like dates, times, and timestamps don't have a length */ column->len = -1; Index: addons/app_mysql.c =================================================================== --- addons/app_mysql.c (revision 211538) +++ addons/app_mysql.c (revision 211539) @@ -333,7 +333,7 @@ } ctimeout = pbx_builtin_getvar_helper(chan, "MYSQL_TIMEOUT"); - if (ctimeout && sscanf(ctimeout, "%d", &timeout) == 1) { + if (ctimeout && sscanf(ctimeout, "%30d", &timeout) == 1) { mysql_options(mysql, MYSQL_OPT_CONNECT_TIMEOUT, (void *)&timeout); } @@ -408,7 +408,7 @@ int connid = -1; AST_NONSTANDARD_APP_ARGS(args, data, ' '); - sscanf(args.connid, "%d", &connid); + sscanf(args.connid, "%30d", &connid); if (args.argc != 3 || connid <= 0) { ast_log(LOG_WARNING, "missing some arguments\n"); @@ -451,7 +451,7 @@ parse = ast_strdupa(data); AST_NONSTANDARD_APP_ARGS(args, parse, ' '); - sscanf(args.fetchid, "%d", &resultid); + sscanf(args.fetchid, "%30d", &resultid); if (args.resultvar && (resultid >= 0) ) { if ((mysqlres = find_identifier(resultid, AST_MYSQL_ID_RESID)) != NULL) { Index: addons/chan_ooh323.c =================================================================== --- addons/chan_ooh323.c (revision 211538) +++ addons/chan_ooh323.c (revision 211539) @@ -424,7 +424,7 @@ /* Possible data values - peername, exten/peername, exten@ip */ -static struct ast_channel *ooh323_request(const char *type, int format, +static struct ast_channel *ooh323_request(const char *type, int format, const struct ast_channel *requestor, void *data, int *cause) { struct ast_channel *chan = NULL; @@ -1886,7 +1886,7 @@ if (gRTPTimeout <= 0) gRTPTimeout = 60; } else if (!strcasecmp(v->name, "tos")) { - if (sscanf(v->value, "%i", &format) == 1) + if (sscanf(v->value, "%30i", &format) == 1) gTOS = format & 0xff; else if (!strcasecmp(v->value, "lowdelay")) gTOS = IPTOS_LOWDELAY; Index: addons/cdr_mysql.c =================================================================== --- addons/cdr_mysql.c (revision 211538) +++ addons/cdr_mysql.c (revision 211539) @@ -383,7 +383,7 @@ tmp = ast_variable_retrieve(cfg, category, variable); - if (!tmp || sscanf(tmp, "%d", field) < 1) + if (!tmp || sscanf(tmp, "%30d", field) < 1) *field = def; return 0; Index: funcs/func_rand.c =================================================================== --- funcs/func_rand.c (revision 211538) +++ funcs/func_rand.c (revision 211539) @@ -63,10 +63,10 @@ AST_STANDARD_APP_ARGS(args, parse); - if (ast_strlen_zero(args.min) || sscanf(args.min, "%d", &min_int) != 1) + if (ast_strlen_zero(args.min) || sscanf(args.min, "%30d", &min_int) != 1) min_int = 0; - if (ast_strlen_zero(args.max) || sscanf(args.max, "%d", &max_int) != 1) + if (ast_strlen_zero(args.max) || sscanf(args.max, "%30d", &max_int) != 1) max_int = RAND_MAX; if (max_int < min_int) { Index: funcs/func_speex.c =================================================================== --- funcs/func_speex.c (revision 211538) +++ funcs/func_speex.c (revision 211539) @@ -239,7 +239,7 @@ } if (!strcasecmp(cmd, "agc")) { - if (!sscanf(value, "%f", &(*sdi)->agclevel)) + if (!sscanf(value, "%30f", &(*sdi)->agclevel)) (*sdi)->agclevel = ast_true(value) ? DEFAULT_AGC_LEVEL : 0.0; if ((*sdi)->agclevel > 32768.0) { Index: funcs/func_enum.c =================================================================== --- funcs/func_enum.c (revision 211538) +++ funcs/func_enum.c (revision 211539) @@ -365,7 +365,7 @@ goto finish; } - if (sscanf(args.resultnum, "%u", &num) != 1) { + if (sscanf(args.resultnum, "%30u", &num) != 1) { ast_log(LOG_ERROR, "Invalid value '%s' for resultnum to ENUMRESULT!\n", args.resultnum); goto finish; } Index: funcs/func_odbc.c =================================================================== --- funcs/func_odbc.c (revision 211538) +++ funcs/func_odbc.c (revision 211539) @@ -836,7 +836,7 @@ if (strcasecmp(tmp, "multirow") == 0) ast_set_flag((*query), OPT_MULTIROW); if ((tmp = ast_variable_retrieve(cfg, catg, "rowlimit"))) - sscanf(tmp, "%d", &((*query)->rowlimit)); + sscanf(tmp, "%30d", &((*query)->rowlimit)); } (*query)->acf = ast_calloc(1, sizeof(struct ast_custom_function)); Index: funcs/func_dialplan.c =================================================================== --- funcs/func_dialplan.c (revision 211538) +++ funcs/func_dialplan.c (revision 211539) @@ -72,7 +72,7 @@ if (!ast_strlen_zero(args.priority)) { int priority_num; - if (sscanf(args.priority, "%d", &priority_num) == 1 && priority_num > 0) { + if (sscanf(args.priority, "%30d", &priority_num) == 1 && priority_num > 0) { int res; res = ast_exists_extension(chan, args.context, args.exten, priority_num, chan->cid.cid_num); Index: funcs/func_sprintf.c =================================================================== --- funcs/func_sprintf.c (revision 211538) +++ funcs/func_sprintf.c (revision 211539) @@ -123,7 +123,7 @@ /* Convert the argument into the required type */ if (arg.var[argcount]) { - if (sscanf(arg.var[argcount++], "%d", &tmpi) != 1) { + if (sscanf(arg.var[argcount++], "%30d", &tmpi) != 1) { ast_log(LOG_ERROR, "Argument '%s' is not an integer number for format '%s'\n", arg.var[argcount - 1], formatbuf); goto sprintf_fail; } @@ -146,7 +146,7 @@ /* Convert the argument into the required type */ if (arg.var[argcount]) { - if (sscanf(arg.var[argcount++], "%lf", &tmpd) != 1) { + if (sscanf(arg.var[argcount++], "%30lf", &tmpd) != 1) { ast_log(LOG_ERROR, "Argument '%s' is not a floating point number for format '%s'\n", arg.var[argcount - 1], formatbuf); goto sprintf_fail; } Index: funcs/func_timeout.c =================================================================== --- funcs/func_timeout.c (revision 211538) +++ funcs/func_timeout.c (revision 211539) @@ -137,7 +137,7 @@ if (!value) return -1; - res = sscanf(value, "%ld%lf", &sec, &x); + res = sscanf(value, "%30ld%30lf", &sec, &x); if (res == 0 || sec < 0) { when.tv_sec = 0; when.tv_usec = 0; Index: funcs/func_math.c =================================================================== --- funcs/func_math.c (revision 211538) +++ funcs/func_math.c (revision 211539) @@ -255,12 +255,12 @@ return -1; } - if (sscanf(mvalue1, "%lf", &fnum1) != 1) { + if (sscanf(mvalue1, "%30lf", &fnum1) != 1) { ast_log(LOG_WARNING, "'%s' is not a valid number\n", mvalue1); return -1; } - if (sscanf(mvalue2, "%lf", &fnum2) != 1) { + if (sscanf(mvalue2, "%30lf", &fnum2) != 1) { ast_log(LOG_WARNING, "'%s' is not a valid number\n", mvalue2); return -1; } @@ -397,7 +397,7 @@ return -1; } - if (sscanf(var, "%d%c", &int_value, &endchar) == 0 || endchar != 0) { + if (sscanf(var, "%30d%1c", &int_value, &endchar) == 0 || endchar != 0) { ast_log(LOG_NOTICE, "The content of ${%s} is not a numeric value - bailing out!\n", data); ast_channel_unlock(chan); return -1; Index: funcs/func_cut.c =================================================================== --- funcs/func_cut.c (revision 211538) +++ funcs/func_cut.c (revision 211539) @@ -129,7 +129,7 @@ } *ptrvalue++ = '\0'; sortable_keys[count2].key = ptrkey; - sscanf(ptrvalue, "%f", &sortable_keys[count2].value); + sscanf(ptrvalue, "%30f", &sortable_keys[count2].value); count2++; } @@ -191,15 +191,15 @@ int start_field, stop_field; char trashchar; - if (sscanf(next_range, "%d-%d", &start_field, &stop_field) == 2) { + if (sscanf(next_range, "%30d-%30d", &start_field, &stop_field) == 2) { /* range with both start and end */ - } else if (sscanf(next_range, "-%d", &stop_field) == 1) { + } else if (sscanf(next_range, "-%30d", &stop_field) == 1) { /* range with end only */ start_field = 1; - } else if ((sscanf(next_range, "%d%c", &start_field, &trashchar) == 2) && (trashchar == '-')) { + } else if ((sscanf(next_range, "%30d%1c", &start_field, &trashchar) == 2) && (trashchar == '-')) { /* range with start only */ stop_field = INT_MAX; - } else if (sscanf(next_range, "%d", &start_field) == 1) { + } else if (sscanf(next_range, "%30d", &start_field) == 1) { /* single number */ stop_field = start_field; } else { Index: funcs/func_channel.c =================================================================== --- funcs/func_channel.c (revision 211538) +++ funcs/func_channel.c (revision 211539) @@ -364,7 +364,7 @@ else if (!strcasecmp(data, "amaflags")) { ast_channel_lock(chan); if(isdigit(*value)) { - sscanf(value, "%d", &chan->amaflags); + sscanf(value, "%30d", &chan->amaflags); } else if (!strcasecmp(value,"OMIT")){ chan->amaflags = 1; } else if (!strcasecmp(value,"BILLING")){ @@ -409,10 +409,10 @@ } else if (!strcasecmp(data, "callgroup")) chan->callgroup = ast_get_group(value); else if (!strcasecmp(data, "txgain")) { - sscanf(value, "%hhd", &gainset); + sscanf(value, "%4hhd", &gainset); ast_channel_setoption(chan, AST_OPTION_TXGAIN, &gainset, sizeof(gainset), 0); } else if (!strcasecmp(data, "rxgain")) { - sscanf(value, "%hhd", &gainset); + sscanf(value, "%4hhd", &gainset); ast_channel_setoption(chan, AST_OPTION_RXGAIN, &gainset, sizeof(gainset), 0); } else if (!strcasecmp(data, "transfercapability")) { unsigned short i; Index: main/utils.c =================================================================== --- main/utils.c (revision 211538) +++ main/utils.c (revision 211539) @@ -1826,7 +1826,7 @@ return -1; /* only integer at the moment, but one day we could accept more formats */ - if (sscanf(src, "%Lf%n", &dtv, &scanned) > 0) { + if (sscanf(src, "%30Lf%n", &dtv, &scanned) > 0) { dst->tv_sec = dtv; dst->tv_usec = (dtv - dst->tv_sec) * 1000000.0; if (consumed) @@ -1853,7 +1853,7 @@ return -1; /* only integer at the moment, but one day we could accept more formats */ - if (sscanf(src, "%ld%n", &t, &scanned) == 1) { + if (sscanf(src, "%30ld%n", &t, &scanned) == 1) { *dst = t; if (consumed) *consumed = scanned; @@ -2012,7 +2012,7 @@ d->qop = 1; } else if (!strcasecmp(key, "nc")) { unsigned long u; - if (sscanf(val, "%lx", &u) != 1) { + if (sscanf(val, "%30lx", &u) != 1) { ast_log(LOG_WARNING, "Incorrect Digest nc value: \"%s\".\n", val); return -1; } Index: main/config.c =================================================================== --- main/config.c (revision 211538) +++ main/config.c (revision 211539) @@ -364,7 +364,7 @@ int lineno; int insertline; - if (!variable || sscanf(line, "%d", &insertline) != 1) { + if (!variable || sscanf(line, "%30d", &insertline) != 1) { return; } if (!insertline) { Index: main/cdr.c =================================================================== --- main/cdr.c (revision 211538) +++ main/cdr.c (revision 211539) @@ -1493,7 +1493,7 @@ batchsafeshutdown = ast_true(batchsafeshutdown_value); } if ((size_value = ast_variable_retrieve(config, "general", "size"))) { - if (sscanf(size_value, "%d", &cfg_size) < 1) + if (sscanf(size_value, "%30d", &cfg_size) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", size_value); else if (cfg_size < 0) ast_log(LOG_WARNING, "Invalid maximum batch size '%d' specified, using default\n", cfg_size); @@ -1501,7 +1501,7 @@ batchsize = cfg_size; } if ((time_value = ast_variable_retrieve(config, "general", "time"))) { - if (sscanf(time_value, "%d", &cfg_time) < 1) + if (sscanf(time_value, "%30d", &cfg_time) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", time_value); else if (cfg_time < 0) ast_log(LOG_WARNING, "Invalid maximum batch time '%d' specified, using default\n", cfg_time); Index: main/channel.c =================================================================== --- main/channel.c (revision 211538) +++ main/channel.c (revision 211539) @@ -6144,9 +6144,9 @@ c = ast_strdupa(s); while ((piece = strsep(&c, ","))) { - if (sscanf(piece, "%d-%d", &start, &finish) == 2) { + if (sscanf(piece, "%30d-%30d", &start, &finish) == 2) { /* Range */ - } else if (sscanf(piece, "%d", &start)) { + } else if (sscanf(piece, "%30d", &start)) { /* Just one */ finish = start; } else { Index: main/manager.c =================================================================== --- main/manager.c (revision 211538) +++ main/manager.c (revision 211539) @@ -2474,7 +2474,7 @@ } if (!ast_strlen_zero(timeouts)) { - sscanf(timeouts, "%i", &timeout); + sscanf(timeouts, "%30i", &timeout); if (timeout < -1) { timeout = -1; } @@ -2962,7 +2962,7 @@ return 0; } - if (!ast_strlen_zero(priority) && (sscanf(priority, "%d", &pi) != 1)) { + if (!ast_strlen_zero(priority) && (sscanf(priority, "%30d", &pi) != 1)) { if ((pi = ast_findlabel_extension(NULL, context, exten, priority, NULL)) < 1) { astman_send_error(s, m, "Invalid priority"); return 0; @@ -3270,13 +3270,13 @@ astman_send_error(s, m, "Channel not specified"); return 0; } - if (!ast_strlen_zero(priority) && (sscanf(priority, "%d", &pi) != 1)) { + if (!ast_strlen_zero(priority) && (sscanf(priority, "%30d", &pi) != 1)) { if ((pi = ast_findlabel_extension(NULL, context, exten, priority, NULL)) < 1) { astman_send_error(s, m, "Invalid priority"); return 0; } } - if (!ast_strlen_zero(timeout) && (sscanf(timeout, "%d", &to) != 1)) { + if (!ast_strlen_zero(timeout) && (sscanf(timeout, "%30d", &to) != 1)) { astman_send_error(s, m, "Invalid timeout"); return 0; } @@ -4731,7 +4731,7 @@ cookies = ast_http_get_cookies(headers); for (v = cookies; v; v = v->next) { if (!strcasecmp(v->name, "mansession_id")) { - sscanf(v->value, "%x", &ident); + sscanf(v->value, "%30x", &ident); break; } } @@ -4988,7 +4988,7 @@ nonce = 0; goto out_401; } - if (sscanf(d.nonce, "%lx", &nonce) != 1) { + if (sscanf(d.nonce, "%30lx", &nonce) != 1) { ast_log(LOG_WARNING, "Received incorrect nonce in Digest <%s>\n", d.nonce); nonce = 0; goto out_401; @@ -5094,7 +5094,7 @@ stale = 1; goto out_401; } else { - sscanf(d.nc, "%lx", &nc); + sscanf(d.nc, "%30lx", &nc); if (session->nc >= nc || ((time_now - session->noncetime) > 62) ) { /* * Nonce time expired (> 2 minutes) or something wrong with nonce Index: main/features.c =================================================================== --- main/features.c (revision 211538) +++ main/features.c (revision 211539) @@ -657,7 +657,7 @@ * limitation here. If extout was not numeric, we could permit * arbitrary non-numeric extensions. */ - if (sscanf(parkingexten, "%d", &parking_space) != 1 || parking_space < 0) { + if (sscanf(parkingexten, "%30d", &parking_space) != 1 || parking_space < 0) { AST_LIST_UNLOCK(&parkinglot->parkings); parkinglot_unref(parkinglot); free(pu); @@ -3484,7 +3484,7 @@ if (parse) { if (!ast_strlen_zero(app_args.timeout)) { - if (sscanf(app_args.timeout, "%d", &args.timeout) != 1) { + if (sscanf(app_args.timeout, "%30d", &args.timeout) != 1) { ast_log(LOG_WARNING, "Invalid timeout '%s' provided\n", app_args.timeout); args.timeout = 0; } @@ -3496,7 +3496,7 @@ args.return_ext = app_args.return_ext; } if (!ast_strlen_zero(app_args.return_pri)) { - if (sscanf(app_args.return_pri, "%d", &args.return_pri) != 1) { + if (sscanf(app_args.return_pri, "%30d", &args.return_pri) != 1) { ast_log(LOG_WARNING, "Invalid priority '%s' specified\n", app_args.return_pri); args.return_pri = 0; } @@ -3765,13 +3765,13 @@ if (!strcasecmp(confvar->name, "context")) { ast_copy_string(parkinglot->parking_con, confvar->value, sizeof(parkinglot->parking_con)); } else if (!strcasecmp(confvar->name, "parkingtime")) { - if ((sscanf(confvar->value, "%d", &parkinglot->parkingtime) != 1) || (parkinglot->parkingtime < 1)) { + if ((sscanf(confvar->value, "%30d", &parkinglot->parkingtime) != 1) || (parkinglot->parkingtime < 1)) { ast_log(LOG_WARNING, "%s is not a valid parkingtime\n", confvar->value); parkinglot->parkingtime = DEFAULT_PARK_TIME; } else parkinglot->parkingtime = parkinglot->parkingtime * 1000; } else if (!strcasecmp(confvar->name, "parkpos")) { - if (sscanf(confvar->value, "%d-%d", &start, &end) != 2) { + if (sscanf(confvar->value, "%30d-%30d", &start, &end) != 2) { ast_log(LOG_WARNING, "Format for parking positions is a-b, where a and b are numbers at line %d of parking.conf\n", confvar->lineno); error = 1; } else { @@ -3935,13 +3935,13 @@ } else if (!strcasecmp(var->name, "context")) { ast_copy_string(default_parkinglot->parking_con, var->value, sizeof(default_parkinglot->parking_con)); } else if (!strcasecmp(var->name, "parkingtime")) { - if ((sscanf(var->value, "%d", &default_parkinglot->parkingtime) != 1) || (default_parkinglot->parkingtime < 1)) { + if ((sscanf(var->value, "%30d", &default_parkinglot->parkingtime) != 1) || (default_parkinglot->parkingtime < 1)) { ast_log(LOG_WARNING, "%s is not a valid parkingtime\n", var->value); default_parkinglot->parkingtime = DEFAULT_PARK_TIME; } else default_parkinglot->parkingtime = default_parkinglot->parkingtime * 1000; } else if (!strcasecmp(var->name, "parkpos")) { - if (sscanf(var->value, "%d-%d", &start, &end) != 2) { + if (sscanf(var->value, "%30d-%30d", &start, &end) != 2) { ast_log(LOG_WARNING, "Format for parking positions is a-b, where a and b are numbers at line %d of features.conf\n", var->lineno); } else if (default_parkinglot) { default_parkinglot->parking_start = start; @@ -3984,24 +3984,24 @@ } else if (!strcasecmp(var->name, "adsipark")) { adsipark = ast_true(var->value); } else if (!strcasecmp(var->name, "transferdigittimeout")) { - if ((sscanf(var->value, "%d", &transferdigittimeout) != 1) || (transferdigittimeout < 1)) { + if ((sscanf(var->value, "%30d", &transferdigittimeout) != 1) || (transferdigittimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid transferdigittimeout\n", var->value); transferdigittimeout = DEFAULT_TRANSFER_DIGIT_TIMEOUT; } else transferdigittimeout = transferdigittimeout * 1000; } else if (!strcasecmp(var->name, "featuredigittimeout")) { - if ((sscanf(var->value, "%d", &featuredigittimeout) != 1) || (featuredigittimeout < 1)) { + if ((sscanf(var->value, "%30d", &featuredigittimeout) != 1) || (featuredigittimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid featuredigittimeout\n", var->value); featuredigittimeout = DEFAULT_FEATURE_DIGIT_TIMEOUT; } } else if (!strcasecmp(var->name, "atxfernoanswertimeout")) { - if ((sscanf(var->value, "%d", &atxfernoanswertimeout) != 1) || (atxfernoanswertimeout < 1)) { + if ((sscanf(var->value, "%30d", &atxfernoanswertimeout) != 1) || (atxfernoanswertimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid atxfernoanswertimeout\n", var->value); atxfernoanswertimeout = DEFAULT_NOANSWER_TIMEOUT_ATTENDED_TRANSFER; } else atxfernoanswertimeout = atxfernoanswertimeout * 1000; } else if (!strcasecmp(var->name, "atxferloopdelay")) { - if ((sscanf(var->value, "%u", &atxferloopdelay) != 1)) { + if ((sscanf(var->value, "%30u", &atxferloopdelay) != 1)) { ast_log(LOG_WARNING, "%s is not a valid atxferloopdelay\n", var->value); atxferloopdelay = DEFAULT_ATXFER_LOOP_DELAY; } else @@ -4009,7 +4009,7 @@ } else if (!strcasecmp(var->name, "atxferdropcall")) { atxferdropcall = ast_true(var->value); } else if (!strcasecmp(var->name, "atxfercallbackretries")) { - if ((sscanf(var->value, "%u", &atxferloopdelay) != 1)) { + if ((sscanf(var->value, "%30u", &atxferloopdelay) != 1)) { ast_log(LOG_WARNING, "%s is not a valid atxfercallbackretries\n", var->value); atxfercallbackretries = DEFAULT_ATXFER_CALLBACK_RETRIES; } @@ -4605,7 +4605,7 @@ } if (!ast_strlen_zero(timeout)) { - sscanf(timeout, "%d", &to); + sscanf(timeout, "%30d", &to); } res = ast_masq_park_call(ch1, ch2, to, &parkExt); Index: main/http.c =================================================================== --- main/http.c (revision 211538) +++ main/http.c (revision 211539) @@ -154,7 +154,7 @@ cookies = ast_http_get_cookies(headers); for (v = cookies; v; v = v->next) { if (!strcasecmp(v->name, "mansession_id")) { - sscanf(v->value, "%x", &mngid); + sscanf(v->value, "%30x", &mngid); break; } } Index: main/acl.c =================================================================== --- main/acl.c (revision 211538) +++ main/acl.c (revision 211539) @@ -297,7 +297,7 @@ nm++; if (!strchr(nm, '.')) { - if ((sscanf(nm, "%d", &x) == 1) && (x >= 0) && (x <= 32)) { + if ((sscanf(nm, "%30d", &x) == 1) && (x >= 0) && (x <= 32)) { ha->netmask.s_addr = htonl(0xFFFFFFFF << (32 - x)); } else { ast_log(LOG_WARNING, "Invalid CIDR in %s\n", stuff); @@ -423,7 +423,7 @@ { int fval; - if (sscanf(value, "%d", &fval) == 1) { + if (sscanf(value, "%30d", &fval) == 1) { if (fval < 8) { *cos = fval; return 0; @@ -438,7 +438,7 @@ int fval; unsigned int x; - if (sscanf(value, "%i", &fval) == 1) { + if (sscanf(value, "%30i", &fval) == 1) { *tos = fval & 0xFF; return 0; } Index: main/asterisk.c =================================================================== --- main/asterisk.c (revision 211538) +++ main/asterisk.c (revision 211539) @@ -1389,7 +1389,7 @@ if (!ast_strlen_zero(ast_config_AST_CTL_PERMISSIONS)) { int p1; mode_t p; - sscanf(ast_config_AST_CTL_PERMISSIONS, "%o", &p1); + sscanf(ast_config_AST_CTL_PERMISSIONS, "%30o", &p1); p = p1; if ((chmod(ast_config_AST_SOCKET, p)) < 0) ast_log(LOG_WARNING, "Unable to change file permissions of %s: %s\n", ast_config_AST_SOCKET, strerror(errno)); @@ -2192,10 +2192,10 @@ switch (*t) { case 'C': /* color */ t++; - if (sscanf(t, "%d;%d%n", &fgcolor, &bgcolor, &i) == 2) { + if (sscanf(t, "%30d;%30d%n", &fgcolor, &bgcolor, &i) == 2) { ast_str_append(&prompt, 0, "%s", term_color_code(term_code, fgcolor, bgcolor, sizeof(term_code))); t += i - 1; - } else if (sscanf(t, "%d%n", &fgcolor, &i) == 1) { + } else if (sscanf(t, "%30d%n", &fgcolor, &i) == 1) { ast_str_append(&prompt, 0, "%s", term_color_code(term_code, fgcolor, 0, sizeof(term_code))); t += i - 1; } @@ -2236,7 +2236,7 @@ #ifdef HAVE_GETLOADAVG case 'l': /* load avg */ t++; - if (sscanf(t, "%d", &which) == 1 && which > 0 && which <= 3) { + if (sscanf(t, "%30d", &which) == 1 && which > 0 && which <= 3) { double list[3]; getloadavg(list, 3); ast_str_append(&prompt, 0, "%.2f", list[which - 1]); @@ -2878,7 +2878,7 @@ /* debug level (-d at startup) */ } else if (!strcasecmp(v->name, "debug")) { option_debug = 0; - if (sscanf(v->value, "%d", &option_debug) != 1) { + if (sscanf(v->value, "%30d", &option_debug) != 1) { option_debug = ast_true(v->value); } #if HAVE_WORKING_FORK @@ -2926,7 +2926,7 @@ } else if (!strcasecmp(v->name, "internal_timing")) { ast_set2_flag(&ast_options, ast_true(v->value), AST_OPT_FLAG_INTERNAL_TIMING); } else if (!strcasecmp(v->name, "maxcalls")) { - if ((sscanf(v->value, "%d", &option_maxcalls) != 1) || (option_maxcalls < 0)) { + if ((sscanf(v->value, "%30d", &option_maxcalls) != 1) || (option_maxcalls < 0)) { option_maxcalls = 0; } } else if (!strcasecmp(v->name, "maxload")) { @@ -2935,7 +2935,7 @@ if (getloadavg(test, 1) == -1) { ast_log(LOG_ERROR, "Cannot obtain load average on this system. 'maxload' option disabled.\n"); option_maxload = 0.0; - } else if ((sscanf(v->value, "%lf", &option_maxload) != 1) || (option_maxload < 0.0)) { + } else if ((sscanf(v->value, "%30lf", &option_maxload) != 1) || (option_maxload < 0.0)) { option_maxload = 0.0; } /* Set the maximum amount of open files */ @@ -2977,7 +2977,7 @@ } else if (!strcasecmp(v->name, "minmemfree")) { /* specify the minimum amount of free memory to retain. Asterisk should stop accepting new calls * if the amount of free memory falls below this watermark */ - if ((sscanf(v->value, "%ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { + if ((sscanf(v->value, "%30ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { option_minmemfree = 0; } #endif @@ -2998,7 +2998,7 @@ } for (v = ast_variable_browse(cfg, "compat"); v; v = v->next) { float version; - if (sscanf(v->value, "%f", &version) != 1) { + if (sscanf(v->value, "%30f", &version) != 1) { ast_log(LOG_WARNING, "Compatibility version for option '%s' is not a number: '%s'\n", v->name, v->value); continue; } @@ -3142,7 +3142,7 @@ switch (c) { #if defined(HAVE_SYSINFO) case 'e': - if ((sscanf(&optarg[1], "%ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { + if ((sscanf(&optarg[1], "%30ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { option_minmemfree = 0; } break; @@ -3182,11 +3182,11 @@ ast_set_flag(&ast_options, AST_OPT_FLAG_MUTE); break; case 'M': - if ((sscanf(optarg, "%d", &option_maxcalls) != 1) || (option_maxcalls < 0)) + if ((sscanf(optarg, "%30d", &option_maxcalls) != 1) || (option_maxcalls < 0)) option_maxcalls = 0; break; case 'L': - if ((sscanf(optarg, "%lf", &option_maxload) != 1) || (option_maxload < 0.0)) + if ((sscanf(optarg, "%30lf", &option_maxload) != 1) || (option_maxload < 0.0)) option_maxload = 0.0; break; case 'q': Index: main/dsp.c =================================================================== --- main/dsp.c (revision 211538) +++ main/dsp.c (revision 211539) @@ -1670,7 +1670,7 @@ const char *value; value = ast_variable_retrieve(cfg, "default", "silencethreshold"); - if (value && sscanf(value, "%d", &thresholds[THRESHOLD_SILENCE]) != 1) { + if (value && sscanf(value, "%30d", &thresholds[THRESHOLD_SILENCE]) != 1) { ast_log(LOG_WARNING, "%s: '%s' is not a valid silencethreshold value\n", CONFIG_FILE_NAME, value); thresholds[THRESHOLD_SILENCE] = 256; } else if (!value) { Index: main/timing.c =================================================================== --- main/timing.c (revision 211538) +++ main/timing.c (revision 211539) @@ -229,7 +229,7 @@ if (a->argc == 3) { unsigned int rate; - if (sscanf(a->argv[2], "%u", &rate) == 1) { + if (sscanf(a->argv[2], "%30u", &rate) == 1) { test_rate = rate; } else { ast_cli(a->fd, "Invalid rate '%s', using default of %u\n", a->argv[2], test_rate); Index: main/frame.c =================================================================== --- main/frame.c (revision 211538) +++ main/frame.c (revision 211539) @@ -735,7 +735,7 @@ if (a->argc != 4) return CLI_SHOWUSAGE; - if (sscanf(a->argv[3],"%d",&codec) != 1) + if (sscanf(a->argv[3], "%30d", &codec) != 1) return CLI_SHOWUSAGE; for (i = 0; i < 32; i++) Index: main/indications.c =================================================================== --- main/indications.c (revision 211538) +++ main/indications.c (revision 211539) @@ -243,50 +243,50 @@ int ast_tone_zone_part_parse(const char *s, struct ast_tone_zone_part *tone_data) { - if (sscanf(s, "%u+%u/%u", &tone_data->freq1, &tone_data->freq2, + if (sscanf(s, "%30u+%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* f1+f2/time format */ - } else if (sscanf(s, "%u+%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "%30u+%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* f1+f2 format */ tone_data->time = 0; - } else if (sscanf(s, "%u*%u/%u", &tone_data->freq1, &tone_data->freq2, + } else if (sscanf(s, "%30u*%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* f1*f2/time format */ tone_data->modulate = 1; - } else if (sscanf(s, "%u*%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "%30u*%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* f1*f2 format */ tone_data->time = 0; tone_data->modulate = 1; - } else if (sscanf(s, "%u/%u", &tone_data->freq1, &tone_data->time) == 2) { + } else if (sscanf(s, "%30u/%30u", &tone_data->freq1, &tone_data->time) == 2) { /* f1/time format */ tone_data->freq2 = 0; - } else if (sscanf(s, "%u", &tone_data->freq1) == 1) { + } else if (sscanf(s, "%30u", &tone_data->freq1) == 1) { /* f1 format */ tone_data->freq2 = 0; tone_data->time = 0; - } else if (sscanf(s, "M%u+M%u/%u", &tone_data->freq1, &tone_data->freq2, + } else if (sscanf(s, "M%30u+M%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* Mf1+Mf2/time format */ tone_data->midinote = 1; - } else if (sscanf(s, "M%u+M%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "M%30u+M%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* Mf1+Mf2 format */ tone_data->time = 0; tone_data->midinote = 1; - } else if (sscanf(s, "M%u*M%u/%u", &tone_data->freq1, &tone_data->freq2, + } else if (sscanf(s, "M%30u*M%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* Mf1*Mf2/time format */ tone_data->modulate = 1; tone_data->midinote = 1; - } else if (sscanf(s, "M%u*M%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "M%30u*M%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* Mf1*Mf2 format */ tone_data->time = 0; tone_data->modulate = 1; tone_data->midinote = 1; - } else if (sscanf(s, "M%u/%u", &tone_data->freq1, &tone_data->time) == 2) { + } else if (sscanf(s, "M%30u/%30u", &tone_data->freq1, &tone_data->time) == 2) { /* Mf1/time format */ tone_data->freq2 = -1; tone_data->midinote = 1; - } else if (sscanf(s, "M%u", &tone_data->freq1) == 1) { + } else if (sscanf(s, "M%30u", &tone_data->freq1) == 1) { /* Mf1 format */ tone_data->freq2 = -1; tone_data->time = 0; Index: main/enum.c =================================================================== --- main/enum.c (revision 211538) +++ main/enum.c (revision 211539) @@ -114,7 +114,7 @@ strncpy(digits, number, 2); - if (!sscanf(digits, "%d", &cc)) { + if (!sscanf(digits, "%30d", &cc)) { return 0; } Index: main/cli.c =================================================================== --- main/cli.c (revision 211538) +++ main/cli.c (revision 211539) @@ -444,7 +444,7 @@ atleast = 1; if (argc != e->args + atleast + 1 && argc != e->args + atleast + 2) return CLI_SHOWUSAGE; - if (sscanf(argv[e->args + atleast], "%d", &newlevel) != 1) + if (sscanf(argv[e->args + atleast], "%30d", &newlevel) != 1) return CLI_SHOWUSAGE; if (argc == e->args + atleast + 2) { unsigned int debug = (*what == 'C'); Index: main/pbx.c =================================================================== --- main/pbx.c (revision 211538) +++ main/pbx.c (revision 211539) @@ -2807,7 +2807,7 @@ parens--; } else if (*var == ':' && parens == 0) { *var++ = '\0'; - sscanf(var, "%d:%d", offset, length); + sscanf(var, "%30d:%30d", offset, length); return 1; /* offset:length valid */ } } @@ -7079,7 +7079,7 @@ } /* Allow months and weekdays to be specified as numbers, as well */ - if (sscanf(s, "%d", &i) == 1 && i >= 1 && i <= max) { + if (sscanf(s, "%2d", &i) == 1 && i >= 1 && i <= max) { /* What the array offset would have been: "1" would be at offset 0 */ return i - 1; } @@ -7155,7 +7155,7 @@ /* Otherwise expect a range */ while ((part = strsep(×, "&"))) { if (!(endpart = strchr(part, '-'))) { - if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { + if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { ast_log(LOG_WARNING, "%s isn't a valid time.\n", part); continue; } @@ -7171,11 +7171,11 @@ ast_log(LOG_WARNING, "Invalid time range starting with '%s-'.\n", part); continue; } - if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { + if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { ast_log(LOG_WARNING, "'%s' isn't a valid start time.\n", part); continue; } - if (sscanf(endpart, "%d:%d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) { + if (sscanf(endpart, "%2d:%2d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) { ast_log(LOG_WARNING, "'%s' isn't a valid end time.\n", endpart); continue; } @@ -8711,7 +8711,7 @@ double waitsec; int waittime; - if (ast_strlen_zero(data) || (sscanf(data, "%lg", &waitsec) != 1) || (waitsec < 0)) + if (ast_strlen_zero(data) || (sscanf(data, "%30lg", &waitsec) != 1) || (waitsec < 0)) waitsec = -1; if (waitsec > -1) { waittime = waitsec * 1000.0; @@ -9465,7 +9465,7 @@ int res; if (ast_strlen_zero(condition)) { /* NULL or empty strings are false */ return 0; - } else if (sscanf(condition, "%d", &res) == 1) { /* Numbers are evaluated for truth */ + } else if (sscanf(condition, "%30d", &res) == 1) { /* Numbers are evaluated for truth */ return res; } else { /* Strings are true */ return 1; @@ -9880,7 +9880,7 @@ mode = -1; pri++; } - if (sscanf(pri, "%d", &ipri) != 1) { + if (sscanf(pri, "%30d", &ipri) != 1) { if ((ipri = ast_findlabel_extension(chan, context ? context : chan->context, exten ? exten : chan->exten, pri, chan->cid.cid_num)) < 1) { ast_log(LOG_WARNING, "Priority '%s' must be a number > 0, or valid label\n", pri); Index: main/dnsmgr.c =================================================================== --- main/dnsmgr.c (revision 211538) +++ main/dnsmgr.c (revision 211539) @@ -394,7 +394,7 @@ enabled = ast_true(enabled_value); } if ((interval_value = ast_variable_retrieve(config, "general", "refreshinterval"))) { - if (sscanf(interval_value, "%d", &interval) < 1) + if (sscanf(interval_value, "%30d", &interval) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", interval_value); else if (interval < 0) ast_log(LOG_WARNING, "Invalid refresh interval '%d' specified, using default\n", interval); Index: main/netsock.c =================================================================== --- main/netsock.c (revision 211538) +++ main/netsock.c (revision 211539) @@ -280,7 +280,7 @@ unsigned int eid_int[6]; int x; - if (sscanf(s, "%x:%x:%x:%x:%x:%x", &eid_int[0], &eid_int[1], &eid_int[2], + if (sscanf(s, "%2x:%2x:%2x:%2x:%2x:%2x", &eid_int[0], &eid_int[1], &eid_int[2], &eid_int[3], &eid_int[4], &eid_int[5]) != 6) return -1; Index: res/res_config_sqlite.c =================================================================== --- res/res_config_sqlite.c (revision 211538) +++ res/res_config_sqlite.c (revision 211539) @@ -805,7 +805,7 @@ if (!tmp) { continue; } - if (sscanf(tmp, "%d", &scannum) == 1) { + if (sscanf(tmp, "%30d", &scannum) == 1) { ast_str_append(&sql1, 0, "%s%s", first ? "" : ",", col->name); ast_str_append(&sql2, 0, "%s%d", first ? "" : ",", scannum); } Index: res/res_agi.c =================================================================== --- res/res_agi.c (revision 211538) +++ res/res_agi.c (revision 211539) @@ -1606,7 +1606,7 @@ if (argc != 4) return RESULT_SHOWUSAGE; - if (sscanf(argv[3], "%d", &to) != 1) + if (sscanf(argv[3], "%30d", &to) != 1) return RESULT_SHOWUSAGE; res = ast_waitfordigit_full(chan, to, agi->audio, agi->ctrl); ast_agi_send(agi->fd, chan, "200 result=%d\n", res); @@ -1725,7 +1725,7 @@ stop = argv[4]; } - if ((argc > 5) && (sscanf(argv[5], "%d", &skipms) != 1)) { + if ((argc > 5) && (sscanf(argv[5], "%30d", &skipms) != 1)) { return RESULT_SHOWUSAGE; } @@ -1761,7 +1761,7 @@ if (argv[3]) edigits = argv[3]; - if ((argc > 4) && (sscanf(argv[4], "%ld", &sample_offset) != 1)) + if ((argc > 4) && (sscanf(argv[4], "%30ld", &sample_offset) != 1)) return RESULT_SHOWUSAGE; if (!(fs = ast_openstream(chan, argv[2], chan->language))) { @@ -1873,7 +1873,7 @@ if (argc < 4 || argc > 5) return RESULT_SHOWUSAGE; - if (sscanf(argv[2], "%d", &num) != 1) + if (sscanf(argv[2], "%30d", &num) != 1) return RESULT_SHOWUSAGE; res = ast_say_number_full(chan, num, argv[3], chan->language, argc > 4 ? argv[4] : NULL, agi->audio, agi->ctrl); if (res == 1) @@ -1888,7 +1888,7 @@ if (argc != 4) return RESULT_SHOWUSAGE; - if (sscanf(argv[2], "%d", &num) != 1) + if (sscanf(argv[2], "%30d", &num) != 1) return RESULT_SHOWUSAGE; res = ast_say_digit_str_full(chan, argv[2], argv[3], chan->language, agi->audio, agi->ctrl); @@ -1918,7 +1918,7 @@ if (argc != 4) return RESULT_SHOWUSAGE; - if (sscanf(argv[2], "%d", &num) != 1) + if (sscanf(argv[2], "%30d", &num) != 1) return RESULT_SHOWUSAGE; res = ast_say_date(chan, num, argv[3], chan->language); if (res == 1) @@ -1933,7 +1933,7 @@ if (argc != 4) return RESULT_SHOWUSAGE; - if (sscanf(argv[2], "%d", &num) != 1) + if (sscanf(argv[2], "%30d", &num) != 1) return RESULT_SHOWUSAGE; res = ast_say_time(chan, num, argv[3], chan->language); if (res == 1) @@ -2043,7 +2043,7 @@ if (argc != 3) return RESULT_SHOWUSAGE; - if (sscanf(argv[2], "%d", &pri) != 1) { + if (sscanf(argv[2], "%30d", &pri) != 1) { if ((pri = ast_findlabel_extension(chan, chan->context, chan->exten, argv[2], chan->cid.cid_num)) < 1) return RESULT_SHOWUSAGE; } @@ -2074,7 +2074,7 @@ if (argc < 6) return RESULT_SHOWUSAGE; - if (sscanf(argv[5], "%d", &ms) != 1) + if (sscanf(argv[5], "%30d", &ms) != 1) return RESULT_SHOWUSAGE; if (argc > 6) @@ -2115,7 +2115,7 @@ /* backward compatibility, if no offset given, arg[6] would have been * caught below and taken to be a beep, else if it is a digit then it is a * offset */ - if ((argc >6) && (sscanf(argv[6], "%ld", &sample_offset) != 1) && (!strchr(argv[6], '='))) + if ((argc >6) && (sscanf(argv[6], "%30ld", &sample_offset) != 1) && (!strchr(argv[6], '='))) res = ast_streamfile(chan, "beep", chan->language); if ((argc > 7) && (!strchr(argv[7], '='))) @@ -2237,7 +2237,7 @@ if (argc != 3) return RESULT_SHOWUSAGE; - if (sscanf(argv[2], "%lf", &timeout) != 1) + if (sscanf(argv[2], "%30lf", &timeout) != 1) return RESULT_SHOWUSAGE; if (timeout < 0) timeout = 0; @@ -2437,7 +2437,7 @@ return RESULT_SHOWUSAGE; if (argv[2]) - sscanf(argv[2], "%d", &level); + sscanf(argv[2], "%30d", &level); ast_verb(level, "%s: %s\n", chan->data, argv[1]); Index: res/res_config_ldap.c =================================================================== --- res/res_config_ldap.c (revision 211538) +++ res/res_config_ldap.c (revision 211539) @@ -1597,7 +1597,7 @@ if ((s = ast_variable_retrieve(config, "_general", "url"))) { ast_copy_string(url, s, sizeof(url)); } else if ((host = ast_variable_retrieve(config, "_general", "host"))) { - if (!(s = ast_variable_retrieve(config, "_general", "port")) || sscanf(s, "%d", &port) != 1) { + if (!(s = ast_variable_retrieve(config, "_general", "port")) || sscanf(s, "%5d", &port) != 1 || port > 65535) { ast_log(LOG_NOTICE, "No directory port found, using 389 as default.\n"); port = 389; } @@ -1618,7 +1618,7 @@ if (!(s = ast_variable_retrieve(config, "_general", "version")) && !(s = ast_variable_retrieve(config, "_general", "protocol"))) { ast_log(LOG_NOTICE, "No explicit LDAP version found, using 3 as default.\n"); version = 3; - } else if (sscanf(s, "%d", &version) != 1 || version < 1 || version > 6) { + } else if (sscanf(s, "%30d", &version) != 1 || version < 1 || version > 6) { ast_log(LOG_WARNING, "Invalid LDAP version '%s', using 3 as default.\n", s); version = 3; } Index: res/ael/pval.c =================================================================== --- res/ael/pval.c (revision 211538) +++ res/ael/pval.c (revision 211539) @@ -860,12 +860,12 @@ p->filename, p->startline, p->endline, p->u1.str); warns++; } - if (sscanf(times, "%d:%d", &s1, &s2) != 2) { + if (sscanf(times, "%2d:%2d", &s1, &s2) != 2) { ast_log(LOG_WARNING, "Warning: file %s, line %d-%d: The start time (%s) isn't quite right!\n", p->filename, p->startline, p->endline, times); warns++; } - if (sscanf(e, "%d:%d", &e1, &e2) != 2) { + if (sscanf(e, "%2d:%2d", &e1, &e2) != 2) { ast_log(LOG_WARNING, "Warning: file %s, line %d-%d: The end time (%s) isn't quite right!\n", p->filename, p->startline, p->endline, times); warns++; @@ -957,7 +957,7 @@ c++; } /* Find the start */ - if (sscanf(day, "%d", &s) != 1) { + if (sscanf(day, "%2d", &s) != 1) { ast_log(LOG_WARNING, "Warning: file %s, line %d-%d: The start day of month (%s) must be a number!\n", DAY->filename, DAY->startline, DAY->endline, day); warns++; @@ -969,7 +969,7 @@ } s--; if (c) { - if (sscanf(c, "%d", &e) != 1) { + if (sscanf(c, "%2d", &e) != 1) { ast_log(LOG_WARNING, "Warning: file %s, line %d-%d: The end day of month (%s) must be a number!\n", DAY->filename, DAY->startline, DAY->endline, c); warns++; Index: res/res_odbc.c =================================================================== --- res/res_odbc.c (revision 211538) +++ res/res_odbc.c (revision 211539) @@ -771,7 +771,7 @@ if (ast_false(v->value)) pooling = 1; } else if (!strcasecmp(v->name, "limit")) { - sscanf(v->value, "%d", &limit); + sscanf(v->value, "%30d", &limit); if (ast_true(v->value) && !limit) { ast_log(LOG_WARNING, "Limit should be a number, not a boolean: '%s'. Setting limit to 1023 for ODBC class '%s'.\n", v->value, cat); limit = 1023; @@ -781,7 +781,7 @@ break; } } else if (!strcasecmp(v->name, "idlecheck")) { - sscanf(v->value, "%d", &idlecheck); + sscanf(v->value, "%30u", &idlecheck); } else if (!strcasecmp(v->name, "enabled")) { enabled = ast_true(v->value); } else if (!strcasecmp(v->name, "pre-connect")) { Index: res/res_limit.c =================================================================== --- res/res_limit.c (revision 211538) +++ res/res_limit.c (revision 211539) @@ -179,7 +179,7 @@ return CLI_FAILURE; } - sscanf(a->argv[2], "%d", &x); + sscanf(a->argv[2], "%30d", &x); rlimit.rlim_max = rlimit.rlim_cur = x; setrlimit(resource, &rlimit); return CLI_SUCCESS; Index: res/res_config_curl.c =================================================================== --- res/res_config_curl.c (revision 211538) +++ res/res_config_curl.c (revision 211539) @@ -270,7 +270,7 @@ while (*stringp <= ' ') { stringp++; } - sscanf(stringp, "%d", &rowcount); + sscanf(stringp, "%30d", &rowcount); if (rowcount >= 0) { return (int)rowcount; @@ -334,7 +334,7 @@ while (*stringp <= ' ') { stringp++; } - sscanf(stringp, "%d", &rowcount); + sscanf(stringp, "%30d", &rowcount); if (rowcount >= 0) { return (int)rowcount; @@ -395,7 +395,7 @@ while (*stringp <= ' ') { stringp++; } - sscanf(stringp, "%d", &rowcount); + sscanf(stringp, "%30d", &rowcount); if (rowcount >= 0) { return rowcount; @@ -461,7 +461,7 @@ while (*stringp <= ' ') { stringp++; } - sscanf(stringp, "%d", &rowcount); + sscanf(stringp, "%30d", &rowcount); if (rowcount >= 0) { return (int)rowcount; Index: res/res_smdi.c =================================================================== --- res/res_smdi.c (revision 211538) +++ res/res_smdi.c (revision 211539) @@ -1001,7 +1001,7 @@ baud_rate = B9600; } } else if (!strcasecmp(v->name, "msdstrip")) { - if (!sscanf(v->value, "%d", &msdstrip)) { + if (!sscanf(v->value, "%30d", &msdstrip)) { ast_log(LOG_NOTICE, "Invalid msdstrip value in %s (line %d), using default\n", config_file, v->lineno); msdstrip = 0; } else if (0 > msdstrip || msdstrip > 9) { @@ -1009,7 +1009,7 @@ msdstrip = 0; } } else if (!strcasecmp(v->name, "msgexpirytime")) { - if (!sscanf(v->value, "%ld", &msg_expiry)) { + if (!sscanf(v->value, "%30ld", &msg_expiry)) { ast_log(LOG_NOTICE, "Invalid msgexpirytime value in %s (line %d), using default\n", config_file, v->lineno); msg_expiry = SMDI_MSG_EXPIRY_TIME; } @@ -1142,7 +1142,7 @@ continue; } } else if (!strcasecmp(v->name, "pollinginterval")) { - if (sscanf(v->value, "%u", &mwi_monitor.polling_interval) != 1) { + if (sscanf(v->value, "%30u", &mwi_monitor.polling_interval) != 1) { ast_log(LOG_ERROR, "Invalid value for pollinginterval: %s\n", v->value); mwi_monitor.polling_interval = DEFAULT_POLLING_INTERVAL; } @@ -1263,7 +1263,7 @@ } if (!ast_strlen_zero(args.timeout)) { - if (sscanf(args.timeout, "%u", &timeout) != 1) { + if (sscanf(args.timeout, "%30u", &timeout) != 1) { ast_log(LOG_ERROR, "'%s' is not a valid timeout\n", args.timeout); timeout = SMDI_RETRIEVE_TIMEOUT_DEFAULT; } Index: res/res_config_pgsql.c =================================================================== --- res/res_config_pgsql.c (revision 211538) +++ res/res_config_pgsql.c (revision 211539) @@ -175,10 +175,10 @@ if (strcmp(flen, "-1") == 0) { /* Some types, like chars, have the length stored in a different field */ flen = PQgetvalue(result, i, 5); - sscanf(flen, "%d", &column->len); + sscanf(flen, "%30d", &column->len); column->len -= 4; } else { - sscanf(flen, "%d", &column->len); + sscanf(flen, "%30d", &column->len); } column->name = (char *)column + sizeof(*column); column->type = (char *)column + sizeof(*column) + strlen(fname) + 1; Index: res/snmp/agent.c =================================================================== --- res/snmp/agent.c (revision 211538) +++ res/snmp/agent.c (revision 211539) @@ -808,7 +808,7 @@ return (u_char *)version; } case ASTVERTAG: - sscanf(ast_get_version_num(), "%lu", &long_ret); + sscanf(ast_get_version_num(), "%30lu", &long_ret); return (u_char *)&long_ret; default: break; Index: res/res_http_post.c =================================================================== --- res/res_http_post.c (revision 211538) +++ res/res_http_post.c (revision 211539) @@ -320,7 +320,7 @@ cookies = ast_http_get_cookies(headers); for (var = cookies; var; var = var->next) { if (!strcasecmp(var->name, "mansession_id")) { - sscanf(var->value, "%lx", &ident); + sscanf(var->value, "%30lx", &ident); break; } } @@ -347,7 +347,7 @@ fprintf(f, "%s: %s\r\n", var->name, var->value); if (!strcasecmp(var->name, "Content-Length")) { - if ((sscanf(var->value, "%u", &content_len)) != 1) { + if ((sscanf(var->value, "%30u", &content_len)) != 1) { ast_log(LOG_ERROR, "Invalid Content-Length in POST request!\n"); fclose(f); ast_http_error(ser, 500, "Internal server error", "Invalid Content-Length in POST request!"); Index: res/res_musiconhold.c =================================================================== --- res/res_musiconhold.c (revision 211538) +++ res/res_musiconhold.c (revision 211539) @@ -651,7 +651,7 @@ AST_STANDARD_APP_ARGS(args, parse); if (!ast_strlen_zero(args.duration)) { - if (sscanf(args.duration, "%d", &timeout) == 1) { + if (sscanf(args.duration, "%30d", &timeout) == 1) { timeout *= 1000; } else { ast_log(LOG_WARNING, "Invalid MusicOnHold duration '%s'. Will wait indefinitely.\n", args.duration); Index: codecs/codec_speex.c =================================================================== --- codecs/codec_speex.c (revision 211538) +++ codecs/codec_speex.c (revision 211539) @@ -364,7 +364,7 @@ } else ast_log(LOG_ERROR,"Error! Complexity must be 0-10\n"); } else if (!strcasecmp(var->name, "vbr_quality")) { - if (sscanf(var->value, "%f", &res_f) == 1 && res_f >= 0 && res_f <= 10) { + if (sscanf(var->value, "%30f", &res_f) == 1 && res_f >= 0 && res_f <= 10) { ast_verb(3, "CODEC SPEEX: Setting VBR Quality to %f\n",res_f); vbr_quality = res_f; } else @@ -403,7 +403,7 @@ pp_agc = ast_true(var->value) ? 1 : 0; ast_verb(3, "CODEC SPEEX: Preprocessor AGC. [%s]\n",pp_agc ? "on" : "off"); } else if (!strcasecmp(var->name, "pp_agc_level")) { - if (sscanf(var->value, "%f", &res_f) == 1 && res_f >= 0) { + if (sscanf(var->value, "%30f", &res_f) == 1 && res_f >= 0) { ast_verb(3, "CODEC SPEEX: Setting preprocessor AGC Level to %f\n",res_f); pp_agc_level = res_f; } else @@ -415,13 +415,13 @@ pp_dereverb = ast_true(var->value) ? 1 : 0; ast_verb(3, "CODEC SPEEX: Preprocessor Dereverb. [%s]\n",pp_dereverb ? "on" : "off"); } else if (!strcasecmp(var->name, "pp_dereverb_decay")) { - if (sscanf(var->value, "%f", &res_f) == 1 && res_f >= 0) { + if (sscanf(var->value, "%30f", &res_f) == 1 && res_f >= 0) { ast_verb(3, "CODEC SPEEX: Setting preprocessor Dereverb Decay to %f\n",res_f); pp_dereverb_decay = res_f; } else ast_log(LOG_ERROR,"Error! Preprocessor Dereverb Decay must be >= 0\n"); } else if (!strcasecmp(var->name, "pp_dereverb_level")) { - if (sscanf(var->value, "%f", &res_f) == 1 && res_f >= 0) { + if (sscanf(var->value, "%30f", &res_f) == 1 && res_f >= 0) { ast_verb(3, "CODEC SPEEX: Setting preprocessor Dereverb Level to %f\n",res_f); pp_dereverb_level = res_f; } else Index: utils/extconf.c =================================================================== --- utils/extconf.c (revision 211538) +++ utils/extconf.c (revision 211539) @@ -3149,7 +3149,7 @@ } /* Allow months and weekdays to be specified as numbers, as well */ - if (sscanf(s, "%d", &i) == 1 && i >= 1 && i <= max) { + if (sscanf(s, "%2d", &i) == 1 && i >= 1 && i <= max) { /* What the array offset would have been: "1" would be at offset 0 */ return i - 1; } @@ -3226,7 +3226,7 @@ /* Otherwise expect a range */ while ((part = strsep(×, "&"))) { if (!(endpart = strchr(part, '-'))) { - if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { + if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { ast_log(LOG_WARNING, "%s isn't a valid time.\n", part); continue; } @@ -3242,11 +3242,11 @@ ast_log(LOG_WARNING, "Invalid time range starting with '%s-'.\n", part); continue; } - if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { + if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { ast_log(LOG_WARNING, "'%s' isn't a valid start time.\n", part); continue; } - if (sscanf(endpart, "%d:%d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) { + if (sscanf(endpart, "%2d:%2d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) { ast_log(LOG_WARNING, "'%s' isn't a valid end time.\n", endpart); continue; } @@ -5541,7 +5541,7 @@ parens--; } else if (*var == ':' && parens == 0) { *var++ = '\0'; - sscanf(var, "%d:%d", offset, length); + sscanf(var, "%30d:%30d", offset, length); return 1; /* offset:length valid */ } } @@ -5945,7 +5945,7 @@ ipri = lastpri; else ast_log(LOG_WARNING, "Can't use 'same' priority on the first entry!\n"); - } else if (sscanf(pri, "%d", &ipri) != 1 && + } else if (sscanf(pri, "%30d", &ipri) != 1 && (ipri = ast_findlabel_extension2(NULL, con, realext, pri, cidmatch)) < 1) { ast_log(LOG_WARNING, "Invalid priority/label '%s' at line %d\n", pri, v->lineno); ipri = 0; Index: utils/muted.c =================================================================== --- utils/muted.c (revision 211538) +++ utils/muted.c (revision 211539) @@ -156,7 +156,7 @@ } else if (!strcasecmp(buf, "smoothfade")) { smoothfade = 1; } else if (!strcasecmp(buf, "mutelevel")) { - if (val && (sscanf(val, "%d", &x) == 1) && (x > -1) && (x < 101)) { + if (val && (sscanf(val, "%3d", &x) == 1) && (x > -1) && (x < 101)) { mutelevel = x; } else fprintf(stderr, "mutelevel must be a number from 0 (most muted) to 100 (no mute) at line %d\n", lineno); @@ -216,7 +216,7 @@ if (ports) { *ports = '\0'; ports++; - if ((sscanf(ports, "%d", &port) != 1) || (port < 1) || (port > 65535)) { + if ((sscanf(ports, "%5d", &port) != 1) || (port < 1) || (port > 65535)) { fprintf(stderr, "'%s' is not a valid port number in the hostname\n", ports); return -1; } Index: utils/frame.c =================================================================== --- utils/frame.c (revision 211538) +++ utils/frame.c (revision 211539) @@ -355,7 +355,7 @@ double temp; char m, s, end; - k = sscanf(string, "%lf%c%c%c", &temp, &m, &s, &end); + k = sscanf(string, "%30lf%1c%1c%1c", &temp, &m, &s, &end); switch (k) { case 0: case EOF: case 4: @@ -396,7 +396,7 @@ double temp; char m, s, end; - k = sscanf(string, "%lf%c%c%c", &temp, &m, &s, &end); + k = sscanf(string, "%30lf%1c%1c%1c", &temp, &m, &s, &end); switch (k) { case 0: case EOF: case 2: case 4: @@ -476,7 +476,7 @@ if ((i = findoption( argcount, args, string)) > 0) { switch (sscanf(args[i] + 1 + strlen( string), - "%d%c", &temp, &c)) + "%30d%1c", &temp, &c)) { case 0: case EOF: case 2: argerrornum(args[i]+1, ME_NOINT); @@ -510,7 +510,7 @@ if ((i = findoption( argcount, args, string)) > 0) { - switch (sscanf(args[i] + 1 + strlen( string), "%lf%c", &temp, &end)) + switch (sscanf(args[i] + 1 + strlen( string), "%30lf%1c", &temp, &end)) { case 0: case EOF: case 2: argerrornum(args[i]+1, ME_NODOUBLE); @@ -545,7 +545,7 @@ if ((i = findoption( argcount, args, string)) > 0) { switch (sscanf(args[i] + 1 + strlen( string), - "%lf%c%c%c", &vol, &sbd, &sbb, &end)) + "%30lf%1c%1c%1c", &vol, &sbd, &sbb, &end)) { case 0: case EOF: case 4: weird = TRUE; @@ -593,7 +593,7 @@ char sbd, sbb, end; *result = 1.0; - k = sscanf(s, "%lf%c%c%c", result, &sbd, &sbb, &end); + k = sscanf(s, "%30lf%1c%1c%1c", result, &sbd, &sbb, &end); switch (k) { case 0: Index: cdr/cdr_pgsql.c =================================================================== --- cdr/cdr_pgsql.c (revision 211538) +++ cdr/cdr_pgsql.c (revision 211539) @@ -237,7 +237,7 @@ ast_cdr_getvar(cdr, cur->name, &value, buf, sizeof(buf), 0, 0); if (strncmp(cur->type, "int", 3) == 0) { long long whatever; - if (value && sscanf(value, "%lld", &whatever) == 1) { + if (value && sscanf(value, "%30lld", &whatever) == 1) { LENGTHEN_BUF2(26); ast_str_append(&sql2, 0, "%s%lld", first ? "" : ",", whatever); } else { @@ -246,7 +246,7 @@ } } else if (strncmp(cur->type, "float", 5) == 0) { long double whatever; - if (value && sscanf(value, "%Lf", &whatever) == 1) { + if (value && sscanf(value, "%30Lf", &whatever) == 1) { LENGTHEN_BUF2(51); ast_str_append(&sql2, 0, "%s%30Lf", first ? "" : ",", whatever); } else { @@ -501,7 +501,7 @@ ast_verb(4, "Found column '%s' of type '%s'\n", fname, ftype); cur = ast_calloc(1, sizeof(*cur) + strlen(fname) + strlen(ftype) + 2); if (cur) { - sscanf(flen, "%d", &cur->len); + sscanf(flen, "%30d", &cur->len); cur->name = (char *)cur + sizeof(*cur); cur->type = (char *)cur + sizeof(*cur) + strlen(fname) + 1; strcpy(cur->name, fname); Index: cdr/cdr_adaptive_odbc.c =================================================================== --- cdr/cdr_adaptive_odbc.c (revision 211538) +++ cdr/cdr_adaptive_odbc.c (revision 211539) @@ -460,7 +460,7 @@ case SQL_TYPE_DATE: { int year = 0, month = 0, day = 0; - if (sscanf(colptr, "%d-%d-%d", &year, &month, &day) != 3 || year <= 0 || + if (sscanf(colptr, "%4d-%2d-%2d", &year, &month, &day) != 3 || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || ((month == 4 || month == 6 || month == 9 || month == 11) && day == 31) || (month == 2 && year % 400 == 0 && day > 29) || @@ -483,7 +483,7 @@ case SQL_TYPE_TIME: { int hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d:%d:%d", &hour, &minute, &second); + int count = sscanf(colptr, "%2d:%2d:%2d", &hour, &minute, &second); if ((count != 2 && count != 3) || hour < 0 || hour > 23 || minute < 0 || minute > 59 || second < 0 || second > 59) { ast_log(LOG_WARNING, "CDR variable %s is not a valid time ('%s').\n", entry->name, colptr); @@ -499,7 +499,7 @@ case SQL_TIMESTAMP: { int year = 0, month = 0, day = 0, hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d-%d-%d %d:%d:%d", &year, &month, &day, &hour, &minute, &second); + int count = sscanf(colptr, "%4d-%2d-%2d %2d:%2d:%2d", &year, &month, &day, &hour, &minute, &second); if ((count != 3 && count != 5 && count != 6) || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || @@ -525,7 +525,7 @@ case SQL_INTEGER: { int integer = 0; - if (sscanf(colptr, "%d", &integer) != 1) { + if (sscanf(colptr, "%30d", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -538,7 +538,7 @@ case SQL_BIGINT: { long long integer = 0; - if (sscanf(colptr, "%lld", &integer) != 1) { + if (sscanf(colptr, "%30lld", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -551,7 +551,7 @@ case SQL_SMALLINT: { short integer = 0; - if (sscanf(colptr, "%hd", &integer) != 1) { + if (sscanf(colptr, "%30hd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -564,7 +564,7 @@ case SQL_TINYINT: { char integer = 0; - if (sscanf(colptr, "%hhd", &integer) != 1) { + if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -577,7 +577,7 @@ case SQL_BIT: { char integer = 0; - if (sscanf(colptr, "%hhd", &integer) != 1) { + if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -593,7 +593,7 @@ case SQL_DECIMAL: { double number = 0.0; - if (sscanf(colptr, "%lf", &number) != 1) { + if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name); continue; } @@ -608,7 +608,7 @@ case SQL_DOUBLE: { double number = 0.0; - if (sscanf(colptr, "%lf", &number) != 1) { + if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name); continue; } Property changes on: . ___________________________________________________________________ Modified: branch-1.4-merged - /branches/1.4:1-43376,43383,43386,43388,43392,43396,43405,43410,43422,43441,43445,43450,43454,43456,43464,43466,43469,43477,43482,43486,43489,43492,43518,43524,43553,43564,43616,43635-43702,43704-43755,43757-43800,43802-43846,43852,43861-43862,43864,43873,43877,43893,43898-43899,43913,43915,43918-43919,43933,43944,43952,43978,43993,43996-44012,44022,44034-44043,44053,44055,44057,44068,44078,44090,44111,44125,44135,44166-44167,44169,44186,44199,44215,44283-44286,44298,44312,44322,44378,44390,44393,44433,44436,44450,44476,44486,44502,44559,44561-44563,44581,44605,44628,44631,44684,44759,44764,44786,44788,44806,44808-44809,44819,44888,44911,44921,44942,44945,44956,44971,44982,44994,45026-45027,45031,45040,45049,45051,45066,45079,45088,45104,45106,45125,45196,45213,45262,45280,45327,45378,45408,45410,45439,45441,45452,45517,45595,45622,45646,45678,45692,45694,45741,45775,45817-45818,45916,45928,45999,46065,46067,46078,46080,46082-46113,46118-46141,46143-46154,46200,46216,46237,46249,46252,46276,46298,46329,46347,46351-46353,46358,46363,46367,46370,46377,46382,46389,46398,46403,46407,46433,46474,46506,46511,46526,46554,46558,46561,46563,46606,46628,46631,46714,46744,46775,46778,46780,46822,46845,46847,46857,46901,46930,46937,46965,46992,47015,47051,47053,47192,47195-47196,47199,47239,47250,47268,47279,47284,47287,47309,47327,47331,47333,47352,47366,47372,47375,47377,47380,47391,47398,47405,47414,47418,47432-47433,47436,47454,47457,47463,47466,47474,47476,47492,47494,47497,47507,47509,47511,47513,47523,47526-47527,47540,47551,47572,47581,47584,47597,47617,47621,47625,47628,47632,47635,47639,47641,47645,47656,47684,47690,47693,47698,47701,47707,47709,47712,47733,47744,47748,47751,47755,47758,47764,47777,47782,47823,47843,47845,47850,47852,47860,47864-47865,47897,47944,47959,47989,47992,48002,48015,48017,48031,48038,48049,48054,48088,48095,48101,48105,48107,48113,48115,48129,48135,48143,48152,48155,48158,48166,48168,48177,48179,48186,48190,48193,48199,48219,48223,48228,48230,48248,48252,48254,48264,48279,48317,48323,48326,48349,48357,48363,48372,48375,48377,48379,48381-48382,48391,48396,48399,48401,48427,48461,48472,48478,48481,48487,48502,48504,48506,48513,48521,48525,48528,48548,48554,48564,48571,48577,48586,48592,48596,48637,48783,48870,48888,48906,48944,48948,48956,48960,48964,48966,48975,48977,48980,48982,48985,48987-48988,48993,48995,48997,49006,49009,49024,49028,49046,49061,49063,49066,49073,49098-49099,49102,49145,49165,49237,49259,49313,49355,49413,49457-49461,49465,49523,49536,49551,49553,49581,49600,49636,49680,49705,49712,49714-49715,49742,49831,49834,49866,49890,49925,49945,49983,50006,50032,50073,50098,50124,50151,50228,50266,50298,50346,50377,50405,50433,50466,50468,50562,50602,50647,50674,50727,50754,50782,50820,50867,50895,50957,50994,51030,51057,51087,51146,51148,51150,51159,51162,51165,51167,51170,51172,51176,51182,51186,51195,51198,51204-51205,51211,51213,51233,51236,51241,51243,51251,51256,51262,51265,51272,51274,51311,51326,51328,51331,51339,51341,51343,51348,51350,51407,51409,51513,51558,51615,51683,51716,51750,51781,51788,51829,51848,51931,51989,52016,52049,52052,52107,52160,52163,52208,52210,52265,52335,52370,52416,52462,52494-52506,52523,52572,52611,52645,52647,52679,52688,52695,52717,52763,52807-52808,52904,52952,52997,52999,53001,53035,53037,53040,53042,53046,53050,53052,53057,53062,53064,53070,53072,53075,53079,53081,53085,53088,53093,53097,53104,53109,53114,53118,53120,53131,53136,53138,53143,53150,53152,53246,53294,53324,53355,53358,53399,53429,53434,53464,53497,53530,53532,53601,53715,53749,53779-53781,53783,53810,53850,53879-53881,54002,54066,54103,54204,54218,54235,54290,54375,54481,54623,54714,54772,54787,54884,54886,54888,54898,54924,54969,55002,55006,55050,55052,55086,55129,55154,55217,55219,55278,55397,55435,55483,55553,55555,55590,55634,55670,55688,55717,55741,55758,55799,55834,55869,55914,55947,55949,55951,55954,55957,56008,56011,56055,56094,56125,56231,56277,56341,56372,56407,56457,56505,56569,56685,56740,56783,56785,56805,56839,56847,56856,56888,56975,57049,57053,57055,57089,57093,57139,57144,57146,57203,57207,57318,57364,57396,57426,57473,57477,57556,57649,57768,57770,57798,57826,57870,57872,57914,58023,58053,58119,58121,58165,58240,58243,58320,58351-58352,58354,58389,58436,58474,58479,58510,58512,58584,58604,58638,58669,58705,58779,58783,58825-58826,58843,58845,58848,58902,58906,58923,58931,58933,58935,58937,58941,58946-58947,58953,58957,58992,59035,59037,59040,59049,59064,59076,59078,59081,59087,59089,59145,59180,59182,59188,59195,59200,59202,59206,59213,59215,59217,59223,59225,59228,59254,59256,59259,59261-59262,59273,59275,59278,59281,59284,59289,59302,59304,59341,59358,59361,59363,59452,59486,59522,59573,59654,59688,59724,59774,59804,59853,59887,59936,59939,59963,60069,60088,60112,60137,60214,60265,60268,60323,60325,60361,60399,60459,60485,60521,60565,60603,60661,60712-60713,60762,60798,60847,60850,60936,60984,60989,61183,61342-61443,61477,61641,61644-61645,61648,61651,61656,61658,61674,61676,61678,61681,61683,61686,61690,61694,61697,61705,61707,61763,61765,61772,61774,61779,61787,61799,61805,61863,61870,61914,61959,61961,62005,62038,62137,62171,62174,62218,62331,62369,62371,62414,62419,62497,62545,62548,62624,62689,62692,62738,62789,62797-62807,62842,62883,62912,62942,62986,62989,63047,63099,63152,63254,63286,63329,63360,63403,63445,63448,63478,63532,63534-63535,63566,63608,63611-63612,63698,63749,63804,63830,63872,63886,63905,63982,64044,64086,64114,64157,64193,64240,64276,64278,64306,64324,64353,64426,64515-64516,64543,64578,64602,64686,64720,64754,64756,64759,64761,64820,64868,64904,64974,65039,65076,65123,65200-65201,65250,65342,65408,65501,65541,65589,65677,65679-65680,65683,65685,65768,65836,65839,65841-65842,65853,65863,65866,65965-65967,65978,66026,66029-66030,66070,66074,66076,66157,66159,66363,66398,66404,66414,66437,66474,66503,66538,66671,66768,66770,66775,66821,66879,66881,66897,66916,66919,67020-67021,67026,67061,67064,67066,67068,67071,67073,67119,67121,67156,67158,67162,67210,67270,67304,67308,67329,67334,67360,67420,67457,67492,67526,67558,67594,67597,67626,67631,67650,67716,67804,67862,67872,67924,67941,67993,68027-68028,68030,68071,68157,68192,68198,68211,68249,68280,68313,68326,68354,68370,68401,68450,68527,68595,68644,68683,68733,68781,68814,68922,69010,69012,69014,69016,69069,69071,69128,69144,69181,69183-69184,69221,69259,69358,69392,69434,69470,69518,69558,69579,69625,69660-69661,69668,69689,69702,69708,69744,69775,69794,69796,69805,69847,69895,69944,69987,70003,70062,70084,70164,70198,70360,70397,70445,70494,70552,70554,70560,70612,70656,70677,70726-70727,70808,70841,70866,70883,70899,70949,71003,71063,71096,71106,71118,71120-71123,71214,71230,71289,71291,71362,71371,71412,71422,71430,71519,71522,71576,71657,71751,71796,71877,71915,71953,72006,72042,72112,72125,72148,72257,72260,72272,72328,72331,72335,72381,72383,72556,72705,72766,72806,72850-72852,72888,72926,72933,73005,73053,73208,73253,73316,73319,73355,73398,73400,73467,73512,73548,73551,73555,73598,73629,73675,73679,73696,73727,73769,73849,73930,73980,73985,74043,74045,74047,74082,74120,74122,74159,74162,74211,74265,74314,74317,74323,74374,74379,74388,74428,74476,74515,74572,74642,74722,74767,74815,74864,74866,74888,74922,74955,74997,75053,75067,75078,75108,75253,75306,75401,75403,75405,75441,75445,75450,75529,75583,75619,75621,75623,75658,75707,75711,75732,75749,75759,75807,75928,75969,75978,76067,76087,76132,76139,76174,76211,76485,76519,76561,76618,76620,76654,76656,76708,76801,76803,76937,76983,77071,77154,77176,77191,77318,77348,77350,77380,77410,77424-77429,77460,77490,77536,77540,77571,77768,77771,77778,77780,77783,77785,77788,77794-77795,77824,77827,77831,77844,77852,77854,77863,77865,77867,77869,77883,77886-77887,77890,77894,77939,77943,77945,77947,77949,77993,77996,78028,78063,78095,78101,78103,78242,78275,78371,78375,78415,78437,78450,78488,78569,78575,78646,78717,78749,78778,78859,78891,78907,78936,78951,78955,78995,79044,79049,79142,79174,79207,79214,79255,79397,79436,79470,79523,79527,79553,79642,79665,79690,79748,79756,79778,79792,79833,79857,79902,79904,79906,79912,79947,79998,80044,80047,80049,80130,80132,80166,80183,80255,80257,80302,80304,80330,80360,80362,80390,80424,80426,80469,80499,80501,80539,80547,80573,80661,80717,80722,80750,80789,80820,80849,80895,80932,80974,81010,81012,81042,81065,81074,81120,81158,81189,81226,81291,81331,81340,81342,81346,81349,81367,81369,81373,81379,81381,81383,81392,81395,81397,81401,81403,81405-81406,81410,81412,81415-81416,81418,81426,81433,81435,81437,81439,81442,81448,81453,81455,81520,81523,81525,81569,81599,81650,81682,81713,81743,81776,81778,81826,81832,81886,81923,81952,81997,82028,82091,82155,82236,82238,82240,82243,82245,82250,82252,82261,82263,82265,82267,82274,82278,82280,82285-82286,82291,82296,82309,82326,82335,82337,82339,82344,82346,82358,82376,82385,82394,82396,82435,82444,82514,82590-82592,82594,82644,82676,82751,82802,82834,82865,82867,82929,82961,82992,83023-83024,83070,83074,83121,83175,83177,83179,83230,83232,83246,83316,83348,83432,83558,83589,83637,83695,83773,83879,83910,83941,83943,83974,83976,84018,84049,84078,84133,84146,84158,84160,84166,84170,84206,84236,84239,84271,84274,84291,84370,84410,84474,84511,84581,84637,84690,84692,84742,84783,84818,84851,84890,84902,84957,84990,85023,85057,85093,85158,85195,85242,85276,85280,85316,85356,85515,85517,85523,85532-85533,85540,85543,85545,85552,85556,85559,85561,85571,85604,85647,85649,85684,85686,85720,85818,85850,85896,85921,85958,85994,85997,86032,86063,86066,86117,86149,86202,86237,86296,86328,86330,86405,86469,86471,86502,86598,86630,86661,86663,86694,86726,86750,86754,86756,86787,86836,86880-86881,86902,86936,86982,87069,87120,87168,87262,87294,87342,87373,87396,87460,87567,87571,87650,87686,87739,87775,87849,87852,87906,87908,87970,88026,88078,88116,88210,88283,88328,88366,88539,88585,88624,88671,88709,88719,88765,88768,88805,88826,88862,88931,88994,89032,89036-89037,89042,89045-89046,89053,89079,89088,89090,89093,89095,89097,89099,89101,89103,89105,89115,89119,89125,89169-89173,89184,89194,89205,89239,89241,89246,89248,89260,89275,89280-89281,89286,89288,89296,89298,89301-89302,89323,89325,89416,89419,89450,89457,89491,89493,89495,89527,89534,89536,89540,89545,89559,89571,89577,89580,89586-89587,89592,89594,89599,89610,89618,89622,89624,89630-89631,89634,89701,89709,89790,89837,89839,89844,89886,89893,90059,90098,90101,90142,90145,90154-90155,90160,90163,90166-90545,90547-90753,90876,90967,91070,91074,91192,91237,91273,91292,91366,91439,91450,91637,91675,91677,91693,91737,91777,91780,91783,91826,91828,91830,91890,92158,92202,92204,92323,92363,92443,92463,92617,92696,92803,92807,92809,92815,92875,92933-92934,92937,93180,93182,93250,93291,93336,93377,93381,93625,93668,93949,93955,94077,94122,94251,94256,94418,94420,94464,94468,94538,94540,94660,94763,94767,94789-94790,94793,94797,94801,94808,94824,94828-94829,94905,94924,94977,95024,95095,95191,95470,95577,95890,95946,96102,96198-96199,96318,96394,96449,96525,96573,96575,96644,96884,96932,97077,97093,97152,97192,97194-97195,97304,97308,97350,97410,97448,97450,97489,97491,97529,97575,97618,97622,97640,97645,97697,97734,97753,97847,97849,97889,97925,97973,97976,98164,98219,98315,98317,98325,98372,98390,98467,98733,98774,98894,98934,98943,98946,98951,98955,98958,98960,98964,98966,98991,99004,99079,99081,99187,99301,99341,99426,99540,99592,99594,99643,99652,99718,99775,99777,99923,99975,99977-99978,100138,100164,100264,100378,100465,100581,100624,100626,100629,100672,100675,100740,100793,100835,100882,100922,100930,100932,100973,101035,101080,101152,101216,101219,101222,101413-101414,101433,101480,101482,101531,101601,101649,101693,101772,101818,101822,101894,101942,101989,102090,102142,102214,102323,102378,102450,102453,102576,102651,102725,102807,102858,102968,103070,103120,103197,103315,103324,103385,103683,103688,103690,103722,103726,103728,103741,103763,103770,103780,103786,103790,103795,103801,103812,103821,103823,103845,103904,103953,103956,104015,104037,104082,104084,104086,104092,104094-104095,104102,104106,104119,104132,104135,104139,104141,104334,104536,104593,104596,104598,104625,104665,104704,104783,104787,104841,105059,105113,105116,105261,105326,105409,105557,105560,105563,105565,105568,105570,105572,105674,105676,105932,106015,106038,106235,106237,106328,106437,106552,106606,106635,106704,106788,106842,106895,106945,107016,107099,107102,107158,107161,107173,107230,107290,107352,107405,107408,107461,107464,107637,107646,107713-107714,107826,107877,108031,108083,108086,108135,108227,108288,108469,108530,108583,108682,108737,108792,108796,108961,109012,109107,109226,109309,109386,109575,109648,109713,109763,109838,109908,109973,110019,110035,110083,110163,110336,110395,110474,110614,110628,110635,110779,110962,111014,111020,111024,111049,111121,111126,111129,111245,111280,111341,111391,111442,111605,111658,111720,111856,112068,112125,112138,112204,112209,112393,112468,112599,112711,112766,112820,113012,113065,113117-113118,113296,113348,113399,113402,113454,113504,113596,113681,113784,113874,113927,114021,114029,114035,114045,114051,114063,114083,114100,114103,114106,114112,114117,114120,114133,114138,114148,114184,114191,114195,114198,114204,114207,114226,114230,114242,114257,114275,114278,114284,114322,114537,114558,114571,114579,114584,114587,114591,114594,114597,114600,114603,114608,114621,114624,114628,114632,114662,114673,114689,114695,114708,114823,114829,114848,114875,114880,114890-114891,115017,115102,115196,115276,115279,115282,115285,115304,115308,115312,115320,115327,115333,115341,115415,115418,115422,115512,115545,115551,115554,115557,115561,115565,115568,115579,115884,115944,115990,116038,116088,116230,116296,116352,116409,116463,116466,116799,116978,117081,117086,117135,117462,117479,117507,117514,117519,117574,117582,117899,118048,118052,118163,118251,118358,118365,118465,118509,118551,118558,118646,118858,118953-118954,118956,118961,119009,119012,119071,119156,119238,119301,119354,119404,119478,119530,119533,119585,119636,119687,119742,119838,119926,119929,120001,120168,120173,120226,120282,120285,120425,120513,120675,120863-120885,120908,120959,121078,121229,121280,121442,121495,121596,121751,121804,121861,122046,122127,122130,122137,122259,122311,122713,122869,122919,123110,123113,123271,123274,123333,123391,123485,123710,123769,123869,123883,123909,123930,124112,124182,124315,124372,124395,124450,124540,124910,124965,125132,125218,125276,125327,125384,125585,125587,125740,125793,126056,126516,126573,126735,126789,126844,126899,126902,126999,127068,127133,127244,127560,127663,127892-127895,127973,128639,128737,128795,128812,128856,128912,128950,129047,129149,129343,129436,129567,129741,129803,129907,129966-129967,129970,130039,130102,130169,130173,130236,130514,130573,130634,130735,130792,130889,130959,131012,131242,131299,131357,131369,131421,131491,131790,131915,131921,131970,131985,131988,132107,132112,132311,132571,132641-132642,132645,132704,132712-132713,132826,132872,133038,133101,133104,133169,133295,133488,133572,133578,133649,134161,134254,134352,134475,134480,134536,134540,134595,134649,134758,134883,134915,134983,135055,135058,135473,135479,135482,135536,135597,135747,135799,135841-135850,135899,135915,135949,136062,136190,136241,136484,136488,136726,136946,137138,137405,137530,137679,137731,137847,138023,138027,138119-138238,138258,138360,138886,138942,139015,139074,139213,139347,139387,139456,139466,139553,139621,139635,139764,139869,139909,139927,140051,140056,140060,140421,140488,140605,140670,140690,140747,140751,140816,140850,141028,141094,141156,141366,141503,141565,141741,141806,141809,142063,142079,142218,142354,142358,142416,142474,142575,142675,142740,142744,142807,142865,142927,143140,143337,143404,143534,143736,143903,144066,144238,144356,144677,144924-144925,145293-145838,145840-146128,146130-146243,146245-147428,147431-147940,147942-148989,148991-149839,149841-150055,150057-150297,150299-150300,150302-150556,150558-150636,150638-150815,150817-151099,151101-151166,151168-151762,151764-153094,153096-153269,153271-153822,153824-154723,154725-156484,156486-156509,156511-157502,157504-158010,158053,158071,158126,158483,158539,158600,158603,159025,159246,159269,159316,159476,159808,159897,159900,159976,160003,160207,160297,160480,160551,160558,160703,160770,160943,161013,161287,161426,161725,161948,162013-162014,162136,162188,162204,162264-162265,162273,162286,162341,162348,162413,162463,162653,162659,162663,162738,162804,162874,162926,163080,163084,163088,163092,163253,163316,163383,163448,163511,163761,164201,164350,164416,164422,164605,164634,164672,164736,164806,164876,164881,164977,165317,165591,165661,165767,165796,165889,166093,166297,166380,166509,166568,166772,166953,167095,167179,167260,167299,167432,167541,167545,167554,167566,167714,167840,168128,168191,168198,168267,168480,168507,168516,168546,168551,168561,168593,168603,168608,168614,168622,168628,168716,168721,168745,168828,168975,169210,169364,169485,169722,169867,169943,170050,170147,170158,170239,170392,170504,170568,170588,170648,170671,170719,170836,170979,171187,171264,171527,171621,171837,171963,172030,172169,172438,172962,173066,173070,173211,173392,173396,173559,173592,173692,173696,173917,173967-173968,174082,174148,174218,174282,174369,174583,175029,175124,175187,175294,175311,175590,175777,175792,175825,175921,176029,176216,176249-176252,176254,176354,176426,176661,176701,177096,177225,177383,177536,177540,177701,177786,178141,178205,178373,178445,178508,178804,178956,179395,179461,179468,179532,179536,179608,179671,179741,179807,179840,180006,180194,180372,180380,180464,180532,180567,180941,181029-181031,181295,181328,181340,181423,181436,181655,181659-181660,181664,181768,181898,181990,182208,182281,182449,182808,182810,182882,183115,183123,183126,183145,183238,183241,183291,183319,183342,183386,183559,183700,183913,184078,184188,184388,184447,184565,184842,184947,185031,185120-185121,185196,185362,185468,185599,185771,185845,185952,186059,186081,186174,186229,186320,186415,186445,186458,186719,186775,186832,186841,186984,187045,187209,187300-187301,187362,187428,187482,187484,187763,188582,188646,188773,188833-189134,189203,189277,189391,189462-189463,189465,189601,189664,189849,190286,190356,190661-190662,190721,191220,191488,191559,192213,192429,192454,192524,192633,192858,192932,193050,193119,193193,193262,193544,193613,193755,193955,194028,194137,194208,194484,194509,194557-194685,194764,194873,195020,195095,195206,195366,195448,195520,195635,195688,195881,195991,196116,196657,196826,197194,197466,197537,197562,197588,197998,198068,198251,198311,198370,199022,199138,199297,199626-199628,199856,200360,200513,200875,200991,201261,201380,201423,201450,201600,201828,201993,202336,202341-202342,202414,202496,202671,202966,203036,203115,203311,203375,203380,203785,203848,203908,204243-204246,204300,204469,204474,204556,204681,204834,205188,205215,205288,205349,205409,205471,205599,205775,205804,205877,206284,206385,206487,206635,206706,206807,206867,206872,206938,207155,207360,207423,207647,207714,207827,207945,208083,208262,208312,208380,208386,208587,208592,208746,208923,209131,209315,209759,209838,209879,210237,210563,210575,210913,211038,211112,211274 + /branches/1.4:1-43376,43383,43386,43388,43392,43396,43405,43410,43422,43441,43445,43450,43454,43456,43464,43466,43469,43477,43482,43486,43489,43492,43518,43524,43553,43564,43616,43635-43702,43704-43755,43757-43800,43802-43846,43852,43861-43862,43864,43873,43877,43893,43898-43899,43913,43915,43918-43919,43933,43944,43952,43978,43993,43996-44012,44022,44034-44043,44053,44055,44057,44068,44078,44090,44111,44125,44135,44166-44167,44169,44186,44199,44215,44283-44286,44298,44312,44322,44378,44390,44393,44433,44436,44450,44476,44486,44502,44559,44561-44563,44581,44605,44628,44631,44684,44759,44764,44786,44788,44806,44808-44809,44819,44888,44911,44921,44942,44945,44956,44971,44982,44994,45026-45027,45031,45040,45049,45051,45066,45079,45088,45104,45106,45125,45196,45213,45262,45280,45327,45378,45408,45410,45439,45441,45452,45517,45595,45622,45646,45678,45692,45694,45741,45775,45817-45818,45916,45928,45999,46065,46067,46078,46080,46082-46113,46118-46141,46143-46154,46200,46216,46237,46249,46252,46276,46298,46329,46347,46351-46353,46358,46363,46367,46370,46377,46382,46389,46398,46403,46407,46433,46474,46506,46511,46526,46554,46558,46561,46563,46606,46628,46631,46714,46744,46775,46778,46780,46822,46845,46847,46857,46901,46930,46937,46965,46992,47015,47051,47053,47192,47195-47196,47199,47239,47250,47268,47279,47284,47287,47309,47327,47331,47333,47352,47366,47372,47375,47377,47380,47391,47398,47405,47414,47418,47432-47433,47436,47454,47457,47463,47466,47474,47476,47492,47494,47497,47507,47509,47511,47513,47523,47526-47527,47540,47551,47572,47581,47584,47597,47617,47621,47625,47628,47632,47635,47639,47641,47645,47656,47684,47690,47693,47698,47701,47707,47709,47712,47733,47744,47748,47751,47755,47758,47764,47777,47782,47823,47843,47845,47850,47852,47860,47864-47865,47897,47944,47959,47989,47992,48002,48015,48017,48031,48038,48049,48054,48088,48095,48101,48105,48107,48113,48115,48129,48135,48143,48152,48155,48158,48166,48168,48177,48179,48186,48190,48193,48199,48219,48223,48228,48230,48248,48252,48254,48264,48279,48317,48323,48326,48349,48357,48363,48372,48375,48377,48379,48381-48382,48391,48396,48399,48401,48427,48461,48472,48478,48481,48487,48502,48504,48506,48513,48521,48525,48528,48548,48554,48564,48571,48577,48586,48592,48596,48637,48783,48870,48888,48906,48944,48948,48956,48960,48964,48966,48975,48977,48980,48982,48985,48987-48988,48993,48995,48997,49006,49009,49024,49028,49046,49061,49063,49066,49073,49098-49099,49102,49145,49165,49237,49259,49313,49355,49413,49457-49461,49465,49523,49536,49551,49553,49581,49600,49636,49680,49705,49712,49714-49715,49742,49831,49834,49866,49890,49925,49945,49983,50006,50032,50073,50098,50124,50151,50228,50266,50298,50346,50377,50405,50433,50466,50468,50562,50602,50647,50674,50727,50754,50782,50820,50867,50895,50957,50994,51030,51057,51087,51146,51148,51150,51159,51162,51165,51167,51170,51172,51176,51182,51186,51195,51198,51204-51205,51211,51213,51233,51236,51241,51243,51251,51256,51262,51265,51272,51274,51311,51326,51328,51331,51339,51341,51343,51348,51350,51407,51409,51513,51558,51615,51683,51716,51750,51781,51788,51829,51848,51931,51989,52016,52049,52052,52107,52160,52163,52208,52210,52265,52335,52370,52416,52462,52494-52506,52523,52572,52611,52645,52647,52679,52688,52695,52717,52763,52807-52808,52904,52952,52997,52999,53001,53035,53037,53040,53042,53046,53050,53052,53057,53062,53064,53070,53072,53075,53079,53081,53085,53088,53093,53097,53104,53109,53114,53118,53120,53131,53136,53138,53143,53150,53152,53246,53294,53324,53355,53358,53399,53429,53434,53464,53497,53530,53532,53601,53715,53749,53779-53781,53783,53810,53850,53879-53881,54002,54066,54103,54204,54218,54235,54290,54375,54481,54623,54714,54772,54787,54884,54886,54888,54898,54924,54969,55002,55006,55050,55052,55086,55129,55154,55217,55219,55278,55397,55435,55483,55553,55555,55590,55634,55670,55688,55717,55741,55758,55799,55834,55869,55914,55947,55949,55951,55954,55957,56008,56011,56055,56094,56125,56231,56277,56341,56372,56407,56457,56505,56569,56685,56740,56783,56785,56805,56839,56847,56856,56888,56975,57049,57053,57055,57089,57093,57139,57144,57146,57203,57207,57318,57364,57396,57426,57473,57477,57556,57649,57768,57770,57798,57826,57870,57872,57914,58023,58053,58119,58121,58165,58240,58243,58320,58351-58352,58354,58389,58436,58474,58479,58510,58512,58584,58604,58638,58669,58705,58779,58783,58825-58826,58843,58845,58848,58902,58906,58923,58931,58933,58935,58937,58941,58946-58947,58953,58957,58992,59035,59037,59040,59049,59064,59076,59078,59081,59087,59089,59145,59180,59182,59188,59195,59200,59202,59206,59213,59215,59217,59223,59225,59228,59254,59256,59259,59261-59262,59273,59275,59278,59281,59284,59289,59302,59304,59341,59358,59361,59363,59452,59486,59522,59573,59654,59688,59724,59774,59804,59853,59887,59936,59939,59963,60069,60088,60112,60137,60214,60265,60268,60323,60325,60361,60399,60459,60485,60521,60565,60603,60661,60712-60713,60762,60798,60847,60850,60936,60984,60989,61183,61342-61443,61477,61641,61644-61645,61648,61651,61656,61658,61674,61676,61678,61681,61683,61686,61690,61694,61697,61705,61707,61763,61765,61772,61774,61779,61787,61799,61805,61863,61870,61914,61959,61961,62005,62038,62137,62171,62174,62218,62331,62369,62371,62414,62419,62497,62545,62548,62624,62689,62692,62738,62789,62797-62807,62842,62883,62912,62942,62986,62989,63047,63099,63152,63254,63286,63329,63360,63403,63445,63448,63478,63532,63534-63535,63566,63608,63611-63612,63698,63749,63804,63830,63872,63886,63905,63982,64044,64086,64114,64157,64193,64240,64276,64278,64306,64324,64353,64426,64515-64516,64543,64578,64602,64686,64720,64754,64756,64759,64761,64820,64868,64904,64974,65039,65076,65123,65200-65201,65250,65342,65408,65501,65541,65589,65677,65679-65680,65683,65685,65768,65836,65839,65841-65842,65853,65863,65866,65965-65967,65978,66026,66029-66030,66070,66074,66076,66157,66159,66363,66398,66404,66414,66437,66474,66503,66538,66671,66768,66770,66775,66821,66879,66881,66897,66916,66919,67020-67021,67026,67061,67064,67066,67068,67071,67073,67119,67121,67156,67158,67162,67210,67270,67304,67308,67329,67334,67360,67420,67457,67492,67526,67558,67594,67597,67626,67631,67650,67716,67804,67862,67872,67924,67941,67993,68027-68028,68030,68071,68157,68192,68198,68211,68249,68280,68313,68326,68354,68370,68401,68450,68527,68595,68644,68683,68733,68781,68814,68922,69010,69012,69014,69016,69069,69071,69128,69144,69181,69183-69184,69221,69259,69358,69392,69434,69470,69518,69558,69579,69625,69660-69661,69668,69689,69702,69708,69744,69775,69794,69796,69805,69847,69895,69944,69987,70003,70062,70084,70164,70198,70360,70397,70445,70494,70552,70554,70560,70612,70656,70677,70726-70727,70808,70841,70866,70883,70899,70949,71003,71063,71096,71106,71118,71120-71123,71214,71230,71289,71291,71362,71371,71412,71422,71430,71519,71522,71576,71657,71751,71796,71877,71915,71953,72006,72042,72112,72125,72148,72257,72260,72272,72328,72331,72335,72381,72383,72556,72705,72766,72806,72850-72852,72888,72926,72933,73005,73053,73208,73253,73316,73319,73355,73398,73400,73467,73512,73548,73551,73555,73598,73629,73675,73679,73696,73727,73769,73849,73930,73980,73985,74043,74045,74047,74082,74120,74122,74159,74162,74211,74265,74314,74317,74323,74374,74379,74388,74428,74476,74515,74572,74642,74722,74767,74815,74864,74866,74888,74922,74955,74997,75053,75067,75078,75108,75253,75306,75401,75403,75405,75441,75445,75450,75529,75583,75619,75621,75623,75658,75707,75711,75732,75749,75759,75807,75928,75969,75978,76067,76087,76132,76139,76174,76211,76485,76519,76561,76618,76620,76654,76656,76708,76801,76803,76937,76983,77071,77154,77176,77191,77318,77348,77350,77380,77410,77424-77429,77460,77490,77536,77540,77571,77768,77771,77778,77780,77783,77785,77788,77794-77795,77824,77827,77831,77844,77852,77854,77863,77865,77867,77869,77883,77886-77887,77890,77894,77939,77943,77945,77947,77949,77993,77996,78028,78063,78095,78101,78103,78242,78275,78371,78375,78415,78437,78450,78488,78569,78575,78646,78717,78749,78778,78859,78891,78907,78936,78951,78955,78995,79044,79049,79142,79174,79207,79214,79255,79397,79436,79470,79523,79527,79553,79642,79665,79690,79748,79756,79778,79792,79833,79857,79902,79904,79906,79912,79947,79998,80044,80047,80049,80130,80132,80166,80183,80255,80257,80302,80304,80330,80360,80362,80390,80424,80426,80469,80499,80501,80539,80547,80573,80661,80717,80722,80750,80789,80820,80849,80895,80932,80974,81010,81012,81042,81065,81074,81120,81158,81189,81226,81291,81331,81340,81342,81346,81349,81367,81369,81373,81379,81381,81383,81392,81395,81397,81401,81403,81405-81406,81410,81412,81415-81416,81418,81426,81433,81435,81437,81439,81442,81448,81453,81455,81520,81523,81525,81569,81599,81650,81682,81713,81743,81776,81778,81826,81832,81886,81923,81952,81997,82028,82091,82155,82236,82238,82240,82243,82245,82250,82252,82261,82263,82265,82267,82274,82278,82280,82285-82286,82291,82296,82309,82326,82335,82337,82339,82344,82346,82358,82376,82385,82394,82396,82435,82444,82514,82590-82592,82594,82644,82676,82751,82802,82834,82865,82867,82929,82961,82992,83023-83024,83070,83074,83121,83175,83177,83179,83230,83232,83246,83316,83348,83432,83558,83589,83637,83695,83773,83879,83910,83941,83943,83974,83976,84018,84049,84078,84133,84146,84158,84160,84166,84170,84206,84236,84239,84271,84274,84291,84370,84410,84474,84511,84581,84637,84690,84692,84742,84783,84818,84851,84890,84902,84957,84990,85023,85057,85093,85158,85195,85242,85276,85280,85316,85356,85515,85517,85523,85532-85533,85540,85543,85545,85552,85556,85559,85561,85571,85604,85647,85649,85684,85686,85720,85818,85850,85896,85921,85958,85994,85997,86032,86063,86066,86117,86149,86202,86237,86296,86328,86330,86405,86469,86471,86502,86598,86630,86661,86663,86694,86726,86750,86754,86756,86787,86836,86880-86881,86902,86936,86982,87069,87120,87168,87262,87294,87342,87373,87396,87460,87567,87571,87650,87686,87739,87775,87849,87852,87906,87908,87970,88026,88078,88116,88210,88283,88328,88366,88539,88585,88624,88671,88709,88719,88765,88768,88805,88826,88862,88931,88994,89032,89036-89037,89042,89045-89046,89053,89079,89088,89090,89093,89095,89097,89099,89101,89103,89105,89115,89119,89125,89169-89173,89184,89194,89205,89239,89241,89246,89248,89260,89275,89280-89281,89286,89288,89296,89298,89301-89302,89323,89325,89416,89419,89450,89457,89491,89493,89495,89527,89534,89536,89540,89545,89559,89571,89577,89580,89586-89587,89592,89594,89599,89610,89618,89622,89624,89630-89631,89634,89701,89709,89790,89837,89839,89844,89886,89893,90059,90098,90101,90142,90145,90154-90155,90160,90163,90166-90545,90547-90753,90876,90967,91070,91074,91192,91237,91273,91292,91366,91439,91450,91637,91675,91677,91693,91737,91777,91780,91783,91826,91828,91830,91890,92158,92202,92204,92323,92363,92443,92463,92617,92696,92803,92807,92809,92815,92875,92933-92934,92937,93180,93182,93250,93291,93336,93377,93381,93625,93668,93949,93955,94077,94122,94251,94256,94418,94420,94464,94468,94538,94540,94660,94763,94767,94789-94790,94793,94797,94801,94808,94824,94828-94829,94905,94924,94977,95024,95095,95191,95470,95577,95890,95946,96102,96198-96199,96318,96394,96449,96525,96573,96575,96644,96884,96932,97077,97093,97152,97192,97194-97195,97304,97308,97350,97410,97448,97450,97489,97491,97529,97575,97618,97622,97640,97645,97697,97734,97753,97847,97849,97889,97925,97973,97976,98164,98219,98315,98317,98325,98372,98390,98467,98733,98774,98894,98934,98943,98946,98951,98955,98958,98960,98964,98966,98991,99004,99079,99081,99187,99301,99341,99426,99540,99592,99594,99643,99652,99718,99775,99777,99923,99975,99977-99978,100138,100164,100264,100378,100465,100581,100624,100626,100629,100672,100675,100740,100793,100835,100882,100922,100930,100932,100973,101035,101080,101152,101216,101219,101222,101413-101414,101433,101480,101482,101531,101601,101649,101693,101772,101818,101822,101894,101942,101989,102090,102142,102214,102323,102378,102450,102453,102576,102651,102725,102807,102858,102968,103070,103120,103197,103315,103324,103385,103683,103688,103690,103722,103726,103728,103741,103763,103770,103780,103786,103790,103795,103801,103812,103821,103823,103845,103904,103953,103956,104015,104037,104082,104084,104086,104092,104094-104095,104102,104106,104119,104132,104135,104139,104141,104334,104536,104593,104596,104598,104625,104665,104704,104783,104787,104841,105059,105113,105116,105261,105326,105409,105557,105560,105563,105565,105568,105570,105572,105674,105676,105932,106015,106038,106235,106237,106328,106437,106552,106606,106635,106704,106788,106842,106895,106945,107016,107099,107102,107158,107161,107173,107230,107290,107352,107405,107408,107461,107464,107637,107646,107713-107714,107826,107877,108031,108083,108086,108135,108227,108288,108469,108530,108583,108682,108737,108792,108796,108961,109012,109107,109226,109309,109386,109575,109648,109713,109763,109838,109908,109973,110019,110035,110083,110163,110336,110395,110474,110614,110628,110635,110779,110962,111014,111020,111024,111049,111121,111126,111129,111245,111280,111341,111391,111442,111605,111658,111720,111856,112068,112125,112138,112204,112209,112393,112468,112599,112711,112766,112820,113012,113065,113117-113118,113296,113348,113399,113402,113454,113504,113596,113681,113784,113874,113927,114021,114029,114035,114045,114051,114063,114083,114100,114103,114106,114112,114117,114120,114133,114138,114148,114184,114191,114195,114198,114204,114207,114226,114230,114242,114257,114275,114278,114284,114322,114537,114558,114571,114579,114584,114587,114591,114594,114597,114600,114603,114608,114621,114624,114628,114632,114662,114673,114689,114695,114708,114823,114829,114848,114875,114880,114890-114891,115017,115102,115196,115276,115279,115282,115285,115304,115308,115312,115320,115327,115333,115341,115415,115418,115422,115512,115545,115551,115554,115557,115561,115565,115568,115579,115884,115944,115990,116038,116088,116230,116296,116352,116409,116463,116466,116799,116978,117081,117086,117135,117462,117479,117507,117514,117519,117574,117582,117899,118048,118052,118163,118251,118358,118365,118465,118509,118551,118558,118646,118858,118953-118954,118956,118961,119009,119012,119071,119156,119238,119301,119354,119404,119478,119530,119533,119585,119636,119687,119742,119838,119926,119929,120001,120168,120173,120226,120282,120285,120425,120513,120675,120863-120885,120908,120959,121078,121229,121280,121442,121495,121596,121751,121804,121861,122046,122127,122130,122137,122259,122311,122713,122869,122919,123110,123113,123271,123274,123333,123391,123485,123710,123769,123869,123883,123909,123930,124112,124182,124315,124372,124395,124450,124540,124910,124965,125132,125218,125276,125327,125384,125585,125587,125740,125793,126056,126516,126573,126735,126789,126844,126899,126902,126999,127068,127133,127244,127560,127663,127892-127895,127973,128639,128737,128795,128812,128856,128912,128950,129047,129149,129343,129436,129567,129741,129803,129907,129966-129967,129970,130039,130102,130169,130173,130236,130514,130573,130634,130735,130792,130889,130959,131012,131242,131299,131357,131369,131421,131491,131790,131915,131921,131970,131985,131988,132107,132112,132311,132571,132641-132642,132645,132704,132712-132713,132826,132872,133038,133101,133104,133169,133295,133488,133572,133578,133649,134161,134254,134352,134475,134480,134536,134540,134595,134649,134758,134883,134915,134983,135055,135058,135473,135479,135482,135536,135597,135747,135799,135841-135850,135899,135915,135949,136062,136190,136241,136484,136488,136726,136946,137138,137405,137530,137679,137731,137847,138023,138027,138119-138238,138258,138360,138886,138942,139015,139074,139213,139347,139387,139456,139466,139553,139621,139635,139764,139869,139909,139927,140051,140056,140060,140421,140488,140605,140670,140690,140747,140751,140816,140850,141028,141094,141156,141366,141503,141565,141741,141806,141809,142063,142079,142218,142354,142358,142416,142474,142575,142675,142740,142744,142807,142865,142927,143140,143337,143404,143534,143736,143903,144066,144238,144356,144677,144924-144925,145293-145838,145840-146128,146130-146243,146245-147428,147431-147940,147942-148989,148991-149839,149841-150055,150057-150297,150299-150300,150302-150556,150558-150636,150638-150815,150817-151099,151101-151166,151168-151762,151764-153094,153096-153269,153271-153822,153824-154723,154725-156484,156486-156509,156511-157502,157504-158010,158053,158071,158126,158483,158539,158600,158603,159025,159246,159269,159316,159476,159808,159897,159900,159976,160003,160207,160297,160480,160551,160558,160703,160770,160943,161013,161287,161426,161725,161948,162013-162014,162136,162188,162204,162264-162265,162273,162286,162341,162348,162413,162463,162653,162659,162663,162738,162804,162874,162926,163080,163084,163088,163092,163253,163316,163383,163448,163511,163761,164201,164350,164416,164422,164605,164634,164672,164736,164806,164876,164881,164977,165317,165591,165661,165767,165796,165889,166093,166297,166380,166509,166568,166772,166953,167095,167179,167260,167299,167432,167541,167545,167554,167566,167714,167840,168128,168191,168198,168267,168480,168507,168516,168546,168551,168561,168593,168603,168608,168614,168622,168628,168716,168721,168745,168828,168975,169210,169364,169485,169722,169867,169943,170050,170147,170158,170239,170392,170504,170568,170588,170648,170671,170719,170836,170979,171187,171264,171527,171621,171837,171963,172030,172169,172438,172962,173066,173070,173211,173392,173396,173559,173592,173692,173696,173917,173967-173968,174082,174148,174218,174282,174369,174583,175029,175124,175187,175294,175311,175590,175777,175792,175825,175921,176029,176216,176249-176252,176254,176354,176426,176661,176701,177096,177225,177383,177536,177540,177701,177786,178141,178205,178373,178445,178508,178804,178956,179395,179461,179468,179532,179536,179608,179671,179741,179807,179840,180006,180194,180372,180380,180464,180532,180567,180941,181029-181031,181295,181328,181340,181423,181436,181655,181659-181660,181664,181768,181898,181990,182208,182281,182449,182808,182810,182882,183115,183123,183126,183145,183238,183241,183291,183319,183342,183386,183559,183700,183913,184078,184188,184388,184447,184565,184842,184947,185031,185120-185121,185196,185362,185468,185599,185771,185845,185952,186059,186081,186174,186229,186320,186415,186445,186458,186719,186775,186832,186841,186984,187045,187209,187300-187301,187362,187428,187482,187484,187763,188582,188646,188773,188833-189134,189203,189277,189391,189462-189463,189465,189601,189664,189849,190286,190356,190661-190662,190721,191220,191488,191559,192213,192429,192454,192524,192633,192858,192932,193050,193119,193193,193262,193544,193613,193755,193955,194028,194137,194208,194484,194509,194557-194685,194764,194873,195020,195095,195206,195366,195448,195520,195635,195688,195881,195991,196116,196657,196826,197194,197466,197537,197562,197588,197998,198068,198251,198311,198370,199022,199138,199297,199626-199628,199856,200360,200513,200875,200991,201261,201380,201423,201450,201600,201828,201993,202336,202341-202342,202414,202496,202671,202966,203036,203115,203311,203375,203380,203785,203848,203908,204243-204246,204300,204469,204474,204556,204681,204834,205188,205215,205288,205349,205409,205471,205599,205775,205804,205877,206284,206385,206487,206635,206706,206807,206867,206872,206938,207155,207360,207423,207647,207714,207827,207945,208083,208262,208312,208380,208386,208587,208592,208746,208923,209131,209315,209759,209838,209879,210237,210563,210575,210913,211038,211112,211274,211528