similar to: RFC: *scanf vs. overflow

The context to this is that nbdkit uses sscanf to parse simple file formats in various places, eg: https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f182c20fa3dc/plugins/data/format.c#L171-L172 https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f182c20fa3dc/filters/ddrescue/ddrescue.c#L98 We can only do this safely where we can prove that overflow does not

On 9/19/19 10:26 AM, Richard W.M. Jones wrote: > This filter can be used to transparently reopen/retry when a plugin > fails. The connection is closed and reopened which for most plugins > causes them to attempt to reconnect to their source. > > For example if doing a long or slow SSH copy: > > nbdkit -U - ssh host=remote /var/tmp/test.iso \ > --run 'qemu-img

It's equivalent to __printf, so prefer __scanf. Signed-off-by: Joe Perches <joe at perches.com> --- include/linux/compiler-gcc.h | 3 ++- include/linux/kernel.h | 8 ++++---- include/xen/xenbus.h | 4 ++-- scripts/checkpatch.pl | 6 ++++++ 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/include/linux/compiler-gcc.h

It's equivalent to __printf, so prefer __scanf. Signed-off-by: Joe Perches <joe at perches.com> --- include/linux/compiler-gcc.h | 3 ++- include/linux/kernel.h | 8 ++++---- include/xen/xenbus.h | 4 ++-- scripts/checkpatch.pl | 6 ++++++ 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/include/linux/compiler-gcc.h

A few fixes and a possible enhancement to the ddrescue filter. If you think these are all OK, I will squash it into your patch and push it. Rich.

On Wed, Jan 31, 2018 at 09:26:39PM -0600, Eric Blake wrote: > +static int > +blocksize_parse (const char *name, const char *s, unsigned int *v) Maybe use nbdkit_parse_size? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-df lists disk usage of guests without needing to

sscanf is sadly not safe (because it doesn't handle integer overflow correctly), and strto*l functions are a pain to use correctly. Therefore add some functions to hide the pain of parsing integers from the command line. The simpler uses of sscanf and strto*l are replaced. There are still a few where we are using advanced features of sscanf. --- docs/nbdkit-plugin.pod | 48

On Mon, Sep 23, 2019 at 12:05:11PM -0500, Eric Blake wrote: > > + int nbdkit_parse_long (const char *what, const char *str, long *r); > > + int nbdkit_parse_unsigned_long (const char *what, > > + const char *str, unsigned long *r); > > Do we really want to encourage the use of parse_long and > parse_unsigned_long? Those differ between

On Sat, May 23, 2020 at 09:28:26AM -0700, Paul Eggert wrote: > On 5/23/20 9:11 AM, Rich Felker wrote: > > > stopping on an initial prefix ... does not admit easily sharing a backend with strto*. > > I don't see why. If the backend has a "stop scanning on integer overflow" flag > (which it would need to have anyway, to support the proposed behavior), then >

On Fri, May 22, 2020 at 08:06:34PM -0700, Paul Eggert wrote: > On 5/22/20 6:16 PM, Rich Felker wrote: > > A new feature > > will not reliably be usable for decades in portable software, but new > > documentation of existing universal practice would be immediately > > usable. > > We could do both. > > Also, we could change glibc's behavior in a simpler

On 5/22/20 2:53 PM, Richard W.M. Jones wrote: > Use vector type to store map ranges. > > Test filenames unique. > > Remove some unused variables. > > Break up long lines. > --- > @@ -95,7 +95,8 @@ parse_mapfile (const char *filename) > continue; > } > > - if (sscanf (line, "%" SCNi64 "\t%" SCNi64 "\t%c",

As far as I can tell, there are two places in which dovecot does not use scanf properly. This patch should fix that. -------------------------------------------------------------------------------- diff -r 8a3d0426f514 src/lib-dns/dns-lookup.c --- a/src/lib-dns/dns-lookup.c Sat Nov 23 23:22:09 2013 +0000 +++ b/src/lib-dns/dns-lookup.c Sun Nov 24 06:30:12 2013 +0100 @@ -102,7 +102,7 @@

http://bugzilla.mindrot.org/show_bug.cgi?id=258 Summary: scanf format not portable Product: Portable OpenSSH Version: -current Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: liug at

I have an old (1997) Best Ferrups (model FE18KVA) that I am trying to monitor for the first time, but all the Best drivers fail to communicate with it. In ups_sync() in bestuferrups.c and bestfcom.c, the "time" command is sent and a one-line response is read. However, on my UPS, that command returns the current time and then prompts for a new time setting. I worked around that by just

I am trying to use dtrace to trace all sscanf calls. I am able to use pid provider for this. But my application forks off children at times to handle requests. Is there a way I can stop the child process immediately after it is started so that I can attach a pid provider to that and trace the scanf calls in it? I have tried using the "create" probe but that did not help.

Full_Name: Aart Overeem Version: 2.2.0 OS: Linux Submission from: (NULL) (145.23.254.155) Construct a dataframe consisting of several variables by using 'data.frame' and 'cbind' and write it to a file with 'write.table'. The file consists of headers and values, such as 12.4283675334551 (so 13 numbers behind the decimal point). If this dataframe is read with

The story of this problem, AFAIK, is that Solaris 8 YASSP and JASS and vigilant/paranoid sysadmins have been known to set a restricitve umask in /etc/default/login. OpenSSH compatibility for Solaris 8 has been spotty at times for sparcv9 targets. This time, when a sparcv9 binary tries to sscanf(3C) the numeric umask as a long octal and put it in a mode_t, SIGBUS happens. What this looks like in

This allows to overlay bad sectors according to the mapfile generated by ddrescue, to then see where sectors are used using fsck and trying to copy files around. Signed-off-by: Fran?ois Revol <revol at free.fr> --- configure.ac | 2 + filters/ddrescue/Makefile.am | 75 +++++++ filters/ddrescue/ddrescue.c | 218

This allows to overlay bad sectors according to the mapfile generated by ddrescue, to then see where sectors are used using fsck and trying to copy files around. Signed-off-by: Fran?ois Revol <revol at free.fr> --- configure.ac | 2 + filters/ddrescue/Makefile.am | 75 +++++++ filters/ddrescue/ddrescue.c | 211

On 5 July 2016 at 15:14, Joe Perches <joe at perches.com> wrote: > On Tue, 2016-07-05 at 13:47 -0700, Markus Mayer wrote: >> This series introduces a family of generic string case conversion >> functions. This kind of functionality is needed in several places in >> the kernel. Right now, everybody seems to be implementing their own >> copy of this functionality.