Indicator Date and Time

Coverity SECURE_CODING - CID 10695

Bug #943747 reported by Product Strategy Coverity Bug Uploader
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Indicator Date and Time
Fix Released
Low
Charles Kerr
Indicator Date and Time 0.3.91
0.3
Fix Released
Undecided
Unassigned

Bug Description

This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
CID: 10695
Checker: SECURE_CODING
Category: No category available
CWE definition: http://cwe.mitre.org/data/definitions/676.html
File: /tmp/buildd/indicator-datetime-0.3.90/src/datetime-prefs.c
Function: input_time_text()
Code snippet:
404
405 if (is_locale_12h ()) { // TODO: make this look-at/watch gsettings?
406 char ampm[51];
407
CID 10695 - SECURE_CODING
[VERY RISKY]. Using "sscanf" can cause a buffer overflow when done incorrectly. sscanf() assumes an arbitrarily large string, so callers must use correct precision specifiers or never use sscanf(). Use correct precision specifiers or do your own parsing.
408 scanned = sscanf (text, "%u:%u:%u %50s", &hour_in, &minute_in, &second_in, ampm);
409 passed = (scanned == 4);
410
411 if (passed) {
412 const char *pm_str = nl_langinfo (PM_STR);
413 if (g_ascii_strcasecmp (pm_str, ampm) == 0) {

Related branches

lp://staging/~charlesk/indicator-datetime/fix-943747
Ted Gould (community): Approve
Diff: 27 lines (+3/-0)
1 file modified
src/datetime-prefs.c (+3/-0)
lp://staging/~indicator-applet-developers/ubuntu/precise/indicator-datetime/upstream
Ken VanDine: Pending requested
Diff: 777 lines (+263/-171)
13 files modified
ChangeLog (+28/-0)
Makefile.am (+1/-35)
Makefile.am.coverage (+48/-0)
Makefile.in (+47/-41)
configure (+100/-64)
configure.ac (+4/-2)
data/Makefile.in (+0/-1)
debian/changelog (+10/-0)
m4/gcov.m4 (+13/-10)
src/Makefile.in (+0/-1)
src/datetime-prefs.c (+1/-8)
src/datetime-service.c (+11/-8)
tests/Makefile.in (+0/-1)
Revision history for this message
Product Strategy Coverity Bug Uploader (coverity-uploader) wrote : indicator-datetime-0.3: /tmp/buildd/indicator-datetime-0.3.90/src/datetime-prefs.c

Source file with Coverity annotations.

Changed in indicator-datetime:
importance: Undecided → Medium
Charles Kerr (charlesk)
Changed in indicator-datetime:
importance: Medium → Low
status: New → In Progress
assignee: nobody → charles (charlesk)
Revision history for this message
Charles Kerr (charlesk) wrote :

Fixed in http://bazaar.launchpad.net/~indicator-applet-developers/indicator-datetime/trunk.0.4/revision/158

Changed in indicator-datetime:
status: In Progress → Fix Committed
Ted Gould (ted)
Changed in indicator-datetime:
milestone: none → 0.3.91
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.