Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > C Programming > Re: sscanf() safety

Reply
Thread Tools

Re: sscanf() safety

 
 
Barry Schwarz
Guest
Posts: n/a
 
      12-24-2010
On Thu, 23 Dec 2010 23:20:54 +0530, Cross <(E-Mail Removed)> wrote:

>Hello
>
>I am working on an rtf renderer and parser. My code is hosted at
>http://code.google.com/p/ertf . I tried kcachegrind on my binaries and found
>that getc() is taking a lot of time. Obviously, character read from files is
>slow. So, I decided to read the whole file into memory as a char buffer. Please
>feel free to comment and suggest on the following code. Now, I want to scan the
>char buffer using sscanf(). However, I remember once I heard in a chat room that
>sscanf() has buffer overflow vulnerabilities. I would like pointers on this and
>would like to know how I can use sscanf() safely.
>
>if(!fp){
> fprintf(stderr, "File pointer uninitialized.\n");
> goto close_strbuf;
> }
>
> while((count = fread(cp, 1, 4096, fp))){
> if(feof(fp))break;


There are other reasons besides end of file that will cause fread to
stop prior to reading all 4096 bytes requested.

> strbuf_append(buf, cp);


Since cp needs to be zero terminated (see assignment statement below),
how do you insure that cp[4096] is '\0'?

> }
> cp[count] = '\0';


Are you sure that the file will never contain a '\0'?

> strbuf_append(buf, cp);
> fclose(fp);
>
>--- news://freenews.netfront.net/ - complaints: http://www.velocityreviews.com/forums/(E-Mail Removed) ---


--
Remove del for email
 
Reply With Quote
 
 
 
 
Barry Schwarz
Guest
Posts: n/a
 
      12-24-2010
On Fri, 24 Dec 2010 23:29:51 +0530, Cross <(E-Mail Removed)> wrote:

>On 12/24/2010 05:50 AM, Barry Schwarz wrote:
>> On Thu, 23 Dec 2010 23:20:54 +0530, Cross<(E-Mail Removed)> wrote:
>>
>>> Hello
>>>
>>> I am working on an rtf renderer and parser. My code is hosted at
>>> http://code.google.com/p/ertf . I tried kcachegrind on my binaries and found
>>> that getc() is taking a lot of time. Obviously, character read from files is
>>> slow. So, I decided to read the whole file into memory as a char buffer. Please
>>> feel free to comment and suggest on the following code. Now, I want to scan the
>>> char buffer using sscanf(). However, I remember once I heard in a chat room that
>>> sscanf() has buffer overflow vulnerabilities. I would like pointers on this and
>>> would like to know how I can use sscanf() safely.
>>>
>>> if(!fp){
>>> fprintf(stderr, "File pointer uninitialized.\n");
>>> goto close_strbuf;
>>> }
>>>
>>> while((count = fread(cp, 1, 4096, fp))){
>>> if(feof(fp))break;

>>
>> There are other reasons besides end of file that will cause fread to
>> stop prior to reading all 4096 bytes requested.
>>
>>> strbuf_append(buf, cp);

>>
>> Since cp needs to be zero terminated (see assignment statement below),
>> how do you insure that cp[4096] is '\0'?
>>
>>> }
>>> cp[count] = '\0';

>>
>> Are you sure that the file will never contain a '\0'?

>Interesting posibility. I would like to know how to handle that.


One way would be to eliminate the implicit assumption that the data
read from the file can be treated as a single string. You might need
to pass some additional or slightly modified arguments to
strbuf_append but memcpy could provide the heavy lifting.

>>
>>> strbuf_append(buf, cp);
>>> fclose(fp);
>>>
>>> --- news://freenews.netfront.net/ - complaints: (E-Mail Removed) ---

>>

>
>
>--- news://freenews.netfront.net/ - complaints: (E-Mail Removed) ---


--
Remove del for email
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
What is thread safety? Hans ASP .Net 1 10-12-2004 03:15 PM
newbie question on "Type Safety" Raymond Du ASP .Net 1 06-21-2004 11:42 AM
ADODB.connection safety settings error Steven Baeten ASP .Net 1 05-09-2004 10:57 PM
LiteralControl thread safety. George Ter-Saakov ASP .Net 1 04-06-2004 10:06 AM
VPN L2TP over IPSEC: double safety? Bert Roos Cisco 1 02-25-2004 08:52 PM



Advertisments