[asterisk-commits] tilghman: tag 1.6.0.12 r211672 - in /tags/1.6.0.12: ./ agi/ apps/ cdr/ channe...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Mon Aug 10 16:28:13 CDT 2009


Author: tilghman
Date: Mon Aug 10 16:28:06 2009
New Revision: 211672

URL: http://svn.asterisk.org/svn-view/asterisk?view=rev&rev=211672
Log:
Changes for 1.6.0.12

Removed:
    tags/1.6.0.12/asterisk-1.6.0.10-summary.html
    tags/1.6.0.12/asterisk-1.6.0.10-summary.txt
    tags/1.6.0.12/asterisk-1.6.0.9-summary.html
    tags/1.6.0.12/asterisk-1.6.0.9-summary.txt
Modified:
    tags/1.6.0.12/   (props changed)
    tags/1.6.0.12/.version
    tags/1.6.0.12/ChangeLog
    tags/1.6.0.12/agi/eagi-sphinx-test.c
    tags/1.6.0.12/agi/eagi-test.c
    tags/1.6.0.12/apps/app_adsiprog.c
    tags/1.6.0.12/apps/app_alarmreceiver.c
    tags/1.6.0.12/apps/app_chanspy.c
    tags/1.6.0.12/apps/app_dahdibarge.c
    tags/1.6.0.12/apps/app_disa.c
    tags/1.6.0.12/apps/app_followme.c
    tags/1.6.0.12/apps/app_macro.c
    tags/1.6.0.12/apps/app_meetme.c
    tags/1.6.0.12/apps/app_minivm.c
    tags/1.6.0.12/apps/app_mixmonitor.c
    tags/1.6.0.12/apps/app_morsecode.c
    tags/1.6.0.12/apps/app_osplookup.c
    tags/1.6.0.12/apps/app_privacy.c
    tags/1.6.0.12/apps/app_queue.c
    tags/1.6.0.12/apps/app_readfile.c
    tags/1.6.0.12/apps/app_record.c
    tags/1.6.0.12/apps/app_rpt.c
    tags/1.6.0.12/apps/app_setcallerid.c
    tags/1.6.0.12/apps/app_sms.c
    tags/1.6.0.12/apps/app_stack.c
    tags/1.6.0.12/apps/app_talkdetect.c
    tags/1.6.0.12/apps/app_verbose.c
    tags/1.6.0.12/apps/app_voicemail.c
    tags/1.6.0.12/apps/app_waitforring.c
    tags/1.6.0.12/apps/app_waitforsilence.c
    tags/1.6.0.12/apps/app_waituntil.c
    tags/1.6.0.12/cdr/cdr_adaptive_odbc.c
    tags/1.6.0.12/cdr/cdr_pgsql.c
    tags/1.6.0.12/channels/chan_agent.c
    tags/1.6.0.12/channels/chan_dahdi.c
    tags/1.6.0.12/channels/chan_iax2.c
    tags/1.6.0.12/channels/chan_mgcp.c
    tags/1.6.0.12/channels/chan_misdn.c
    tags/1.6.0.12/channels/chan_oss.c
    tags/1.6.0.12/channels/chan_phone.c
    tags/1.6.0.12/channels/chan_sip.c
    tags/1.6.0.12/channels/chan_skinny.c
    tags/1.6.0.12/channels/chan_usbradio.c
    tags/1.6.0.12/channels/iax2-provision.c
    tags/1.6.0.12/channels/misdn_config.c
    tags/1.6.0.12/codecs/codec_speex.c
    tags/1.6.0.12/doc/CODING-GUIDELINES
    tags/1.6.0.12/funcs/func_channel.c
    tags/1.6.0.12/funcs/func_cut.c
    tags/1.6.0.12/funcs/func_dialplan.c
    tags/1.6.0.12/funcs/func_enum.c
    tags/1.6.0.12/funcs/func_math.c
    tags/1.6.0.12/funcs/func_odbc.c
    tags/1.6.0.12/funcs/func_rand.c
    tags/1.6.0.12/funcs/func_strings.c
    tags/1.6.0.12/main/acl.c
    tags/1.6.0.12/main/asterisk.c
    tags/1.6.0.12/main/cdr.c
    tags/1.6.0.12/main/channel.c
    tags/1.6.0.12/main/cli.c
    tags/1.6.0.12/main/config.c
    tags/1.6.0.12/main/dnsmgr.c
    tags/1.6.0.12/main/features.c
    tags/1.6.0.12/main/frame.c
    tags/1.6.0.12/main/http.c
    tags/1.6.0.12/main/indications.c
    tags/1.6.0.12/main/manager.c
    tags/1.6.0.12/main/pbx.c
    tags/1.6.0.12/main/utils.c
    tags/1.6.0.12/pbx/dundi-parser.c
    tags/1.6.0.12/pbx/pbx_config.c
    tags/1.6.0.12/pbx/pbx_dundi.c
    tags/1.6.0.12/pbx/pbx_loopback.c
    tags/1.6.0.12/pbx/pbx_spool.c
    tags/1.6.0.12/res/ael/pval.c
    tags/1.6.0.12/res/res_agi.c
    tags/1.6.0.12/res/res_config_curl.c
    tags/1.6.0.12/res/res_config_ldap.c
    tags/1.6.0.12/res/res_limit.c
    tags/1.6.0.12/res/res_musiconhold.c
    tags/1.6.0.12/res/res_odbc.c
    tags/1.6.0.12/res/res_smdi.c
    tags/1.6.0.12/res/snmp/agent.c
    tags/1.6.0.12/utils/extconf.c
    tags/1.6.0.12/utils/frame.c
    tags/1.6.0.12/utils/muted.c

Propchange: tags/1.6.0.12/
------------------------------------------------------------------------------
Binary property 'trunk-merged' - no diff available.

Modified: tags/1.6.0.12/.version
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/.version?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/.version (original)
+++ tags/1.6.0.12/.version Mon Aug 10 16:28:06 2009
@@ -1,1 +1,1 @@
-1.6.0.10
+1.6.0.12

Modified: tags/1.6.0.12/ChangeLog
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/ChangeLog?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/ChangeLog (original)
+++ tags/1.6.0.12/ChangeLog Mon Aug 10 16:28:06 2009
@@ -1,3 +1,9 @@
+2009-08-09  Tilghman Lesher <tlesher at digium.com>
+
+	* Asterisk 1.6.0.12 released
+
+	* AST-2009-005
+
 2009-06-05  Leif Madsen <lmadsen at digium.com>
 
 	* Asterisk 1.6.0.10 released

Modified: tags/1.6.0.12/agi/eagi-sphinx-test.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/agi/eagi-sphinx-test.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/agi/eagi-sphinx-test.c (original)
+++ tags/1.6.0.12/agi/eagi-sphinx-test.c Mon Aug 10 16:28:06 2009
@@ -223,7 +223,7 @@
 	connect_sphinx();
 	tmp = getenv("agi_enhanced");
 	if (tmp) {
-		if (sscanf(tmp, "%d.%d", &ver, &subver) != 2)
+		if (sscanf(tmp, "%30d.%30d", &ver, &subver) != 2)
 			ver = 0;
 	}
 	if (ver < 1) {

Modified: tags/1.6.0.12/agi/eagi-test.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/agi/eagi-test.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/agi/eagi-test.c (original)
+++ tags/1.6.0.12/agi/eagi-test.c Mon Aug 10 16:28:06 2009
@@ -156,7 +156,7 @@
 	}
 	tmp = getenv("agi_enhanced");
 	if (tmp) {
-		if (sscanf(tmp, "%d.%d", &ver, &subver) != 2)
+		if (sscanf(tmp, "%30d.%30d", &ver, &subver) != 2)
 			ver = 0;
 	}
 	if (ver < 1) {

Modified: tags/1.6.0.12/apps/app_adsiprog.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_adsiprog.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_adsiprog.c (original)
+++ tags/1.6.0.12/apps/app_adsiprog.c Mon Aug 10 16:28:06 2009
@@ -187,7 +187,7 @@
 		if (!(argtype & ARG_NUMBER))
 			return -1;
 		/* Octal value */
-		if (sscanf(src, "%o", (int *)out) != 1)
+		if (sscanf(src, "%30o", (int *)out) != 1)
 			return -1;
 		if (argtype & ARG_STRING) {
 			/* Convert */
@@ -197,7 +197,7 @@
 		if (!(argtype & ARG_NUMBER))
 			return -1;
 		/* Hex value */
-		if (sscanf(src + 2, "%x", (unsigned int *)out) != 1)
+		if (sscanf(src + 2, "%30x", (unsigned int *)out) != 1)
 			return -1;
 		if (argtype & ARG_STRING) {
 			/* Convert */
@@ -207,7 +207,7 @@
 		if (!(argtype & ARG_NUMBER))
 			return -1;
 		/* Hex value */
-		if (sscanf(src, "%d", (int *)out) != 1)
+		if (sscanf(src, "%30d", (int *)out) != 1)
 			return -1;
 		if (argtype & ARG_STRING) {
 			/* Convert */

Modified: tags/1.6.0.12/apps/app_alarmreceiver.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_alarmreceiver.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_alarmreceiver.c (original)
+++ tags/1.6.0.12/apps/app_alarmreceiver.c Mon Aug 10 16:28:06 2009
@@ -115,7 +115,7 @@
 		return;
 	}
 	
-	sscanf(value, "%u", &v);
+	sscanf(value, "%30u", &v);
 	v++;
 
 	ast_verb(4, "AlarmReceiver: New value for %s: %u\n", key, v);

Modified: tags/1.6.0.12/apps/app_chanspy.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_chanspy.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_chanspy.c (original)
+++ tags/1.6.0.12/apps/app_chanspy.c Mon Aug 10 16:28:06 2009
@@ -806,7 +806,7 @@
 		if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) {
 			int vol;
 
-			if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4))
+			if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4))
 				ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n");
 			else
 				volfactor = vol;
@@ -889,7 +889,7 @@
 		if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) {
 			int vol;
 
-			if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4))
+			if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4))
 				ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n");
 			else
 				volfactor = vol;

Modified: tags/1.6.0.12/apps/app_dahdibarge.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_dahdibarge.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_dahdibarge.c (original)
+++ tags/1.6.0.12/apps/app_dahdibarge.c Mon Aug 10 16:28:06 2009
@@ -259,8 +259,8 @@
 	char confstr[80] = "";
 	
 	if (!ast_strlen_zero(data)) {
-		if ((sscanf(data, "DAHDI/%d", &confno) != 1) &&
-		    (sscanf(data, "%d", &confno) != 1)) {
+		if ((sscanf(data, "DAHDI/%30d", &confno) != 1) &&
+		    (sscanf(data, "%30d", &confno) != 1)) {
 			ast_log(LOG_WARNING, "DAHDIBarge Argument (if specified) must be a channel number, not '%s'\n", (char *)data);
 			return 0;
 		}
@@ -274,7 +274,7 @@
 		confstr[0] = '\0';
 		res = ast_app_getdata(chan, "conf-getchannel",confstr, sizeof(confstr) - 1, 0);
 		if (res <0) goto out;
-		if (sscanf(confstr, "%d", &confno) != 1)
+		if (sscanf(confstr, "%30d", &confno) != 1)
 			confno = 0;
 	}
 	if (confno) {

Modified: tags/1.6.0.12/apps/app_disa.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_disa.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_disa.c (original)
+++ tags/1.6.0.12/apps/app_disa.c Mon Aug 10 16:28:06 2009
@@ -221,7 +221,7 @@
 			if (!(k&1)) { /* if in password state */
 				if (j == '#') { /* end of password */
 					  /* see if this is an integer */
-					if (sscanf(args.passcode,"%d",&j) < 1) { /* nope, it must be a filename */
+					if (sscanf(args.passcode,"%30d",&j) < 1) { /* nope, it must be a filename */
 						fp = fopen(args.passcode,"r");
 						if (!fp) {
 							ast_log(LOG_WARNING,"DISA password file %s not found on chan %s\n",args.passcode,chan->name);
@@ -247,7 +247,7 @@
 							ast_debug(1, "Mailbox: %s\n",args.mailbox);
 
 							/* password must be in valid format (numeric) */
-							if (sscanf(args.passcode,"%d", &j) < 1)
+							if (sscanf(args.passcode,"%30d", &j) < 1)
 								continue;
 							 /* if we got it */
 							if (!strcmp(exten,args.passcode)) {

Modified: tags/1.6.0.12/apps/app_followme.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_followme.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_followme.c (original)
+++ tags/1.6.0.12/apps/app_followme.c Mon Aug 10 16:28:06 2009
@@ -308,7 +308,7 @@
 	featuredigittostr = ast_variable_retrieve(cfg, "general", "featuredigittimeout");
 	
 	if (!ast_strlen_zero(featuredigittostr)) {
-		if (!sscanf(featuredigittostr, "%d", &featuredigittimeout))
+		if (!sscanf(featuredigittostr, "%30d", &featuredigittimeout))
 			featuredigittimeout = 5000;
 	}
 

Modified: tags/1.6.0.12/apps/app_macro.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_macro.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_macro.c (original)
+++ tags/1.6.0.12/apps/app_macro.c Mon Aug 10 16:28:06 2009
@@ -205,18 +205,18 @@
 	/* does the user want a deeper rabbit hole? */
 	s = pbx_builtin_getvar_helper(chan, "MACRO_RECURSION");
 	if (s)
-		sscanf(s, "%d", &maxdepth);
+		sscanf(s, "%30d", &maxdepth);
 
 	/* Count how many levels deep the rabbit hole goes */
 	s = pbx_builtin_getvar_helper(chan, "MACRO_DEPTH");
 	if (s)
-		sscanf(s, "%d", &depth);
+		sscanf(s, "%30d", &depth);
 	/* Used for detecting whether to return when a Macro is called from another Macro after hangup */
 	if (strcmp(chan->exten, "h") == 0)
 		pbx_builtin_setvar_helper(chan, "MACRO_IN_HANGUP", "1");
 	inhangupc = pbx_builtin_getvar_helper(chan, "MACRO_IN_HANGUP");
 	if (!ast_strlen_zero(inhangupc))
-		sscanf(inhangupc, "%d", &inhangup);
+		sscanf(inhangupc, "%30d", &inhangup);
 
 	if (depth >= maxdepth) {
 		ast_log(LOG_ERROR, "Macro():  possible infinite loop detected.  Returning early.\n");
@@ -465,7 +465,7 @@
 			if ((offsets = pbx_builtin_getvar_helper(chan, "MACRO_OFFSET"))) {
 				/* Handle macro offset if it's set by checking the availability of step n + offset + 1, otherwise continue
 			   	normally if there is any problem */
-				if (sscanf(offsets, "%d", &offset) == 1) {
+				if (sscanf(offsets, "%30d", &offset) == 1) {
 					if (ast_exists_extension(chan, chan->context, chan->exten, chan->priority + offset + 1, chan->cid.cid_num)) {
 						chan->priority += offset;
 					}

Modified: tags/1.6.0.12/apps/app_meetme.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_meetme.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_meetme.c (original)
+++ tags/1.6.0.12/apps/app_meetme.c Mon Aug 10 16:28:06 2009
@@ -902,7 +902,7 @@
 	AST_LIST_INSERT_HEAD(&confs, cnf, list);
 
 	/* Reserve conference number in map */
-	if ((sscanf(cnf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
+	if ((sscanf(cnf->confno, "%30d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
 		conf_map[confno_int] = 1;
 	
 cnfout:
@@ -1499,7 +1499,7 @@
 	AST_LIST_LOCK(&confs);
 	if (ast_atomic_dec_and_test(&conf->refcount)) {
 		/* Take the conference room number out of an inuse state */
-		if ((sscanf(conf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
+		if ((sscanf(conf->confno, "%4d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
 			conf_map[confno_int] = 0;
 		conf_free(conf);
 		res = 1;
@@ -1663,7 +1663,7 @@
 	/* Possible timeout waiting for marked user */
 	if ((confflags & CONFFLAG_WAITMARKED) &&
 		!ast_strlen_zero(optargs[OPT_ARG_WAITMARKED]) &&
-		(sscanf(optargs[OPT_ARG_WAITMARKED], "%d", &opt_waitmarked_timeout) == 1) &&
+		(sscanf(optargs[OPT_ARG_WAITMARKED], "%30d", &opt_waitmarked_timeout) == 1) &&
 		(opt_waitmarked_timeout > 0)) {
 		timeout = time(NULL) + opt_waitmarked_timeout;
 	}
@@ -3223,7 +3223,7 @@
 				if (!res)
 					ast_waitstream(chan, "");
 			} else {
-				if (sscanf(confno, "%d", &confno_int) == 1) {
+				if (sscanf(confno, "%30d", &confno_int) == 1) {
 					if (!ast_test_flag(&confflags, CONFFLAG_QUIET)) {
 						res = ast_streamfile(chan, "conf-enteringno", chan->language);
 						if (!res) {
@@ -3350,7 +3350,7 @@
 	struct ast_conf_user *user = NULL;
 	int cid;
 	
-	sscanf(callerident, "%i", &cid);
+	sscanf(callerident, "%30i", &cid);
 	if (conf && callerident) {
 		AST_LIST_TRAVERSE(&conf->userlist, user, list) {
 			if (cid == user->user_no)
@@ -3825,7 +3825,7 @@
 	rt_log_members = 1;  
 
 	if ((val = ast_variable_retrieve(cfg, "general", "audiobuffers"))) {
-		if ((sscanf(val, "%d", &audio_buffers) != 1)) {
+		if ((sscanf(val, "%30d", &audio_buffers) != 1)) {
 			ast_log(LOG_WARNING, "audiobuffers setting must be a number, not '%s'\n", val);
 			audio_buffers = DEFAULT_AUDIO_BUFFERS;
 		} else if ((audio_buffers < DAHDI_DEFAULT_NUM_BUFS) || (audio_buffers > DAHDI_MAX_NUM_BUFS)) {
@@ -3842,19 +3842,19 @@
 	if ((val = ast_variable_retrieve(cfg, "general", "logmembercount")))
 		rt_log_members = ast_true(val);
 	if ((val = ast_variable_retrieve(cfg, "general", "fuzzystart"))) {
-		if ((sscanf(val, "%d", &fuzzystart) != 1)) {
+		if ((sscanf(val, "%30d", &fuzzystart) != 1)) {
 			ast_log(LOG_WARNING, "fuzzystart must be a number, not '%s'\n", val);
 			fuzzystart = 0;
 		} 
 	}
 	if ((val = ast_variable_retrieve(cfg, "general", "earlyalert"))) {
-		if ((sscanf(val, "%d", &earlyalert) != 1)) {
+		if ((sscanf(val, "%30d", &earlyalert) != 1)) {
 			ast_log(LOG_WARNING, "earlyalert must be a number, not '%s'\n", val);
 			earlyalert = 0;
 		} 
 	}
 	if ((val = ast_variable_retrieve(cfg, "general", "endalert"))) {
-		if ((sscanf(val, "%d", &endalert) != 1)) {
+		if ((sscanf(val, "%30d", &endalert) != 1)) {
 			ast_log(LOG_WARNING, "endalert must be a number, not '%s'\n", val);
 			endalert = 0;
 		} 
@@ -5419,7 +5419,7 @@
 		if (!strcasecmp(var->name, "autocontext"))
 			ast_string_field_set(trunk, autocontext, var->value);
 		else if (!strcasecmp(var->name, "ringtimeout")) {
-			if (sscanf(var->value, "%u", &trunk->ring_timeout) != 1) {
+			if (sscanf(var->value, "%30u", &trunk->ring_timeout) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for trunk '%s'\n",
 					var->value, trunk->name);
 				trunk->ring_timeout = 0;
@@ -5495,13 +5495,13 @@
 		char *name, *value = cur;
 		name = strsep(&value, "=");
 		if (!strcasecmp(name, "ringtimeout")) {
-			if (sscanf(value, "%u", &trunk_ref->ring_timeout) != 1) {
+			if (sscanf(value, "%30u", &trunk_ref->ring_timeout) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringtimeout value '%s' for "
 					"trunk '%s' on station '%s'\n", value, trunk->name, station->name);
 				trunk_ref->ring_timeout = 0;
 			}
 		} else if (!strcasecmp(name, "ringdelay")) {
-			if (sscanf(value, "%u", &trunk_ref->ring_delay) != 1) {
+			if (sscanf(value, "%30u", &trunk_ref->ring_delay) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringdelay value '%s' for "
 					"trunk '%s' on station '%s'\n", value, trunk->name, station->name);
 				trunk_ref->ring_delay = 0;
@@ -5550,13 +5550,13 @@
 		else if (!strcasecmp(var->name, "autocontext"))
 			ast_string_field_set(station, autocontext, var->value);
 		else if (!strcasecmp(var->name, "ringtimeout")) {
-			if (sscanf(var->value, "%u", &station->ring_timeout) != 1) {
+			if (sscanf(var->value, "%30u", &station->ring_timeout) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for station '%s'\n",
 					var->value, station->name);
 				station->ring_timeout = 0;
 			}
 		} else if (!strcasecmp(var->name, "ringdelay")) {
-			if (sscanf(var->value, "%u", &station->ring_delay) != 1) {
+			if (sscanf(var->value, "%30u", &station->ring_delay) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringdelay '%s' specified for station '%s'\n",
 					var->value, station->name);
 				station->ring_delay = 0;

Modified: tags/1.6.0.12/apps/app_minivm.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_minivm.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_minivm.c (original)
+++ tags/1.6.0.12/apps/app_minivm.c Mon Aug 10 16:28:06 2009
@@ -1715,7 +1715,7 @@
 		if (ast_test_flag(&flags, OPT_RECORDGAIN)) {
 			int gain;
 
-			if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) {
+			if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) {
 				ast_log(LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]);
 				return -1;
 			} else 
@@ -2137,7 +2137,7 @@
 		} else if (!strcasecmp(var->name, "pager")) {
 			ast_copy_string(vmu->pager, var->value, sizeof(vmu->pager));
 		} else if (!strcasecmp(var->name, "volgain")) {
-			sscanf(var->value, "%lf", &vmu->volgain);
+			sscanf(var->value, "%30lf", &vmu->volgain);
 		} else {
 			ast_log(LOG_ERROR, "Unknown configuration option for minivm account %s : %s\n", name, var->name);
 		}
@@ -2308,7 +2308,7 @@
 			global_silencethreshold = atoi(var->value);
 		} else if (!strcmp(var->name, "maxmessage")) {
 			int x;
-			if (sscanf(var->value, "%d", &x) == 1) {
+			if (sscanf(var->value, "%30d", &x) == 1) {
 				global_vmmaxmessage = x;
 			} else {
 				error ++;
@@ -2316,7 +2316,7 @@
 			}
 		} else if (!strcmp(var->name, "minmessage")) {
 			int x;
-			if (sscanf(var->value, "%d", &x) == 1) {
+			if (sscanf(var->value, "%30d", &x) == 1) {
 				global_vmminmessage = x;
 				if (global_maxsilence <= global_vmminmessage)
 					ast_log(LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n");

Modified: tags/1.6.0.12/apps/app_mixmonitor.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_mixmonitor.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_mixmonitor.c (original)
+++ tags/1.6.0.12/apps/app_mixmonitor.c Mon Aug 10 16:28:06 2009
@@ -390,7 +390,7 @@
 		if (ast_test_flag(&flags, MUXFLAG_READVOLUME)) {
 			if (ast_strlen_zero(opts[OPT_ARG_READVOLUME])) {
 				ast_log(LOG_WARNING, "No volume level was provided for the heard volume ('v') option.\n");
-			} else if ((sscanf(opts[OPT_ARG_READVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) {
+			} else if ((sscanf(opts[OPT_ARG_READVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) {
 				ast_log(LOG_NOTICE, "Heard volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_READVOLUME]);
 			} else {
 				readvol = get_volfactor(x);
@@ -400,7 +400,7 @@
 		if (ast_test_flag(&flags, MUXFLAG_WRITEVOLUME)) {
 			if (ast_strlen_zero(opts[OPT_ARG_WRITEVOLUME])) {
 				ast_log(LOG_WARNING, "No volume level was provided for the spoken volume ('V') option.\n");
-			} else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) {
+			} else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) {
 				ast_log(LOG_NOTICE, "Spoken volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_WRITEVOLUME]);
 			} else {
 				writevol = get_volfactor(x);
@@ -410,7 +410,7 @@
 		if (ast_test_flag(&flags, MUXFLAG_VOLUME)) {
 			if (ast_strlen_zero(opts[OPT_ARG_VOLUME])) {
 				ast_log(LOG_WARNING, "No volume level was provided for the combined volume ('W') option.\n");
-			} else if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) {
+			} else if ((sscanf(opts[OPT_ARG_VOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) {
 				ast_log(LOG_NOTICE, "Combined volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_VOLUME]);
 			} else {
 				readvol = writevol = get_volfactor(x);

Modified: tags/1.6.0.12/apps/app_morsecode.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_morsecode.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_morsecode.c (original)
+++ tags/1.6.0.12/apps/app_morsecode.c Mon Aug 10 16:28:06 2009
@@ -112,13 +112,13 @@
 
 	/* Use variable MORESEDITLEN, if set (else 80) */
 	ditlenc = pbx_builtin_getvar_helper(chan, "MORSEDITLEN");
-	if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%d", &ditlen) != 1)) {
+	if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%30d", &ditlen) != 1)) {
 		ditlen = 80;
 	}
 
 	/* Use variable MORSETONE, if set (else 800) */
 	tonec = pbx_builtin_getvar_helper(chan, "MORSETONE");
-	if (ast_strlen_zero(tonec) || (sscanf(tonec, "%d", &tone) != 1)) {
+	if (ast_strlen_zero(tonec) || (sscanf(tonec, "%30d", &tone) != 1)) {
 		tone = 800;
 	}
 

Modified: tags/1.6.0.12/apps/app_osplookup.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_osplookup.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_osplookup.c (original)
+++ tags/1.6.0.12/apps/app_osplookup.c Mon Aug 10 16:28:06 2009
@@ -246,7 +246,7 @@
 				ast_log(LOG_WARNING, "OSP: Too many Service Points at line %d\n", v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "maxconnections")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) {
 				p->maxconnections = t;
 				ast_debug(1, "OSP: maxconnections '%d'\n", t);
 			} else {
@@ -254,7 +254,7 @@
 					OSP_MIN_MAXCONNECTIONS, OSP_MAX_MAXCONNECTIONS, v->value, v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "retrydelay")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) {
 				p->retrydelay = t;
 				ast_debug(1, "OSP: retrydelay '%d'\n", t);
 			} else {
@@ -262,7 +262,7 @@
 					OSP_MIN_RETRYDELAY, OSP_MAX_RETRYDELAY, v->value, v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "retrylimit")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) {
 				p->retrylimit = t;
 				ast_debug(1, "OSP: retrylimit '%d'\n", t);
 			} else {
@@ -270,7 +270,7 @@
 					OSP_MIN_RETRYLIMIT, OSP_MAX_RETRYLIMIT, v->value, v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "timeout")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) {
 				p->timeout = t;
 				ast_debug(1, "OSP: timeout '%d'\n", t);
 			} else {
@@ -281,7 +281,7 @@
 			ast_copy_string(p->source, v->value, sizeof(p->source));
 			ast_debug(1, "OSP: source '%s'\n", p->source);
 		} else if (!strcasecmp(v->name, "authpolicy")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) {
 				p->authpolicy = t;
 				ast_debug(1, "OSP: authpolicy '%d'\n", t);
 			} else {
@@ -1391,11 +1391,11 @@
 	headp = &chan->varshead;
 	AST_LIST_TRAVERSE(headp, current, entries) {
 		if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) {
 				result.inhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) {
-			if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) {
 				result.intimelimit = OSP_DEF_TIMELIMIT;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPINNETWORKID")) {
@@ -1532,7 +1532,7 @@
 
 	AST_STANDARD_APP_ARGS(args, tmp);
 
-	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) {
+	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) {
 		cause = 0;
 	}
 	ast_debug(1, "OSPNext: cause '%d'\n", cause);
@@ -1550,23 +1550,23 @@
 	headp = &chan->varshead;
 	AST_LIST_TRAVERSE(headp, current, entries) {
 		if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) {
 				result.inhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &result.outhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.outhandle) != 1) {
 				result.outhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) {
-			if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) {
 				result.intimelimit = OSP_DEF_TIMELIMIT;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPOUTCALLIDTYPES")) {
-			if (sscanf(ast_var_value(current), "%d", &callidtypes) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &callidtypes) != 1) {
 				callidtypes = OSP_CALLID_UNDEFINED;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPRESULTS")) {
-			if (sscanf(ast_var_value(current), "%d", &result.numresults) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.numresults) != 1) {
 				result.numresults = 0;
 			}
 		}
@@ -1685,11 +1685,11 @@
 	headp = &chan->varshead;
 	AST_LIST_TRAVERSE(headp, current, entries) {
 		if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &inhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &inhandle) != 1) {
 				inhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &outhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &outhandle) != 1) {
 				outhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!recorded &&
@@ -1706,7 +1706,7 @@
 	ast_debug(1, "OSPFinish: OSPOUTHANDLE '%d'\n", outhandle);
 	ast_debug(1, "OSPFinish: recorded '%d'\n", recorded);
 
-	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) {
+	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) {
 		cause = 0;
 	}
 	ast_debug(1, "OSPFinish: cause '%d'\n", cause);
@@ -1798,7 +1798,7 @@
 
 		t = ast_variable_retrieve(cfg, OSP_GENERAL_CAT, "tokenformat");
 		if (t) {
-			if ((sscanf(t, "%d", &v) == 1) &&
+			if ((sscanf(t, "%30d", &v) == 1) &&
 				((v == TOKEN_ALGO_SIGNED) || (v == TOKEN_ALGO_UNSIGNED) || (v == TOKEN_ALGO_BOTH)))
 			{
 				osp_tokenformat = v;

Modified: tags/1.6.0.12/apps/app_privacy.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_privacy.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_privacy.c (original)
+++ tags/1.6.0.12/apps/app_privacy.c Mon Aug 10 16:28:06 2009
@@ -90,13 +90,13 @@
 			AST_STANDARD_APP_ARGS(args, parse);
 
 			if (args.maxretries) {
-				if (sscanf(args.maxretries, "%d", &x) == 1)
+				if (sscanf(args.maxretries, "%30d", &x) == 1)
 					maxretries = x;
 				else
 					ast_log(LOG_WARNING, "Invalid max retries argument\n");
 			}
 			if (args.minlength) {
-				if (sscanf(args.minlength, "%d", &x) == 1)
+				if (sscanf(args.minlength, "%30d", &x) == 1)
 					minlength = x;
 				else
 					ast_log(LOG_WARNING, "Invalid min length argument\n");

Modified: tags/1.6.0.12/apps/app_queue.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_queue.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_queue.c (original)
+++ tags/1.6.0.12/apps/app_queue.c Mon Aug 10 16:28:06 2009
@@ -4538,7 +4538,7 @@
 	}
 
 	if (!ast_strlen_zero(args.penalty)) {
-		if ((sscanf(args.penalty, "%d", &penalty) != 1) || penalty < 0) {
+		if ((sscanf(args.penalty, "%30d", &penalty) != 1) || penalty < 0) {
 			ast_log(LOG_WARNING, "Penalty '%s' is invalid, must be an integer >= 0\n", args.penalty);
 			penalty = 0;
 		}
@@ -4699,7 +4699,7 @@
 	/* Get the priority from the variable ${QUEUE_PRIO} */
 	user_priority = pbx_builtin_getvar_helper(chan, "QUEUE_PRIO");
 	if (user_priority) {
-		if (sscanf(user_priority, "%d", &prio) == 1) {
+		if (sscanf(user_priority, "%30d", &prio) == 1) {
 			ast_debug(1, "%s: Got priority %d from ${QUEUE_PRIO}.\n", chan->name, prio);
 		} else {
 			ast_log(LOG_WARNING, "${QUEUE_PRIO}: Invalid value (%s), channel %s.\n",
@@ -4714,7 +4714,7 @@
 	/* Get the maximum penalty from the variable ${QUEUE_MAX_PENALTY} */
 
 	if ((max_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MAX_PENALTY"))) {
-		if (sscanf(max_penalty_str, "%d", &max_penalty) == 1) {
+		if (sscanf(max_penalty_str, "%30d", &max_penalty) == 1) {
 			ast_debug(1, "%s: Got max penalty %d from ${QUEUE_MAX_PENALTY}.\n", chan->name, max_penalty);
 		} else {
 			ast_log(LOG_WARNING, "${QUEUE_MAX_PENALTY}: Invalid value (%s), channel %s.\n",
@@ -4726,7 +4726,7 @@
 	}
 
 	if ((min_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MIN_PENALTY"))) {
-		if (sscanf(min_penalty_str, "%d", &min_penalty) == 1) {
+		if (sscanf(min_penalty_str, "%30d", &min_penalty) == 1) {
 			ast_debug(1, "%s: Got min penalty %d from ${QUEUE_MIN_PENALTY}.\n", chan->name, min_penalty);
 		} else {
 			ast_log(LOG_WARNING, "${QUEUE_MIN_PENALTY}: Invalid value (%s), channel %s.\n",
@@ -5983,7 +5983,7 @@
 
 	if (ast_strlen_zero(penalty_s))
 		penalty = 0;
-	else if (sscanf(penalty_s, "%d", &penalty) != 1 || penalty < 0)
+	else if (sscanf(penalty_s, "%30d", &penalty) != 1 || penalty < 0)
 		penalty = 0;
 
 	if (ast_strlen_zero(paused_s))
@@ -6175,7 +6175,7 @@
 	queuename = a->argv[5];
 	interface = a->argv[3];
 	if (a->argc >= 8) {
-		if (sscanf(a->argv[7], "%d", &penalty) == 1) {
+		if (sscanf(a->argv[7], "%30d", &penalty) == 1) {
 			if (penalty < 0) {
 				ast_cli(a->fd, "Penalty must be >= 0\n");
 				penalty = 0;

Modified: tags/1.6.0.12/apps/app_readfile.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_readfile.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_readfile.c (original)
+++ tags/1.6.0.12/apps/app_readfile.c Mon Aug 10 16:28:06 2009
@@ -73,7 +73,7 @@
 	}
 
 	if (length) {
-		if ((sscanf(length, "%d", &len) != 1) || (len < 0)) {
+		if ((sscanf(length, "%30d", &len) != 1) || (len < 0)) {
 			ast_log(LOG_WARNING, "%s is not a positive number, defaulting length to max\n", length);
 			len = 0;
 		}

Modified: tags/1.6.0.12/apps/app_record.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_record.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_record.c (original)
+++ tags/1.6.0.12/apps/app_record.c Mon Aug 10 16:28:06 2009
@@ -145,7 +145,7 @@
 		return -1;
 	}
 	if (args.silence) {
-		if ((sscanf(args.silence, "%d", &i) == 1) && (i > -1)) {
+		if ((sscanf(args.silence, "%30d", &i) == 1) && (i > -1)) {
 			silence = i * 1000;
 		} else if (!ast_strlen_zero(args.silence)) {
 			ast_log(LOG_WARNING, "'%s' is not a valid silence duration\n", args.silence);
@@ -153,7 +153,7 @@
 	}
 	
 	if (args.maxduration) {
-		if ((sscanf(args.maxduration, "%d", &i) == 1) && (i > -1))
+		if ((sscanf(args.maxduration, "%30d", &i) == 1) && (i > -1))
 			/* Convert duration to milliseconds */
 			maxduration = i * 1000;
 		else if (!ast_strlen_zero(args.maxduration))

Modified: tags/1.6.0.12/apps/app_rpt.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_rpt.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_rpt.c (original)
+++ tags/1.6.0.12/apps/app_rpt.c Mon Aug 10 16:28:06 2009
@@ -810,7 +810,7 @@
 	if (str == NULL)
 		return -1;
 	/* leave this %i alone, non-base-10 input is useful here */
-	if (sscanf(str, "%i", &ret) != 1)
+	if (sscanf(str, "%30i", &ret) != 1)
 		return -1;
 	return ret;
 }
@@ -979,7 +979,7 @@
 			/* do not use atoi() here, we need to be able to have
 			   the input specified in hex or decimal so we use
 			   sscanf with a %i */
-			if (sscanf(var->value, "%i", &rpt_vars[n].p.iobase) != 1)
+			if (sscanf(var->value, "%30i", &rpt_vars[n].p.iobase) != 1)
 				rpt_vars[n].p.iobase = DEFAULT_IOBASE;
 		} else if (!strcmp(var->name, "functions")) {
 			rpt_vars[n].p.simple = 0;
@@ -1671,7 +1671,7 @@
 		tonesubset = strsep(&stringp, ")");
 		if (!tonesubset)
 			break;
-		if (sscanf(tonesubset, "(%d,%d,%d,%d", &f1, &f2, &duration, &amplitude) != 4)
+		if (sscanf(tonesubset, "(%30d,%30d,%30d,%30d", &f1, &f2, &duration, &amplitude) != 4)
 			break;
 		res = play_tone_pair(chan, f1, f2, duration, amplitude);
 		if (res)
@@ -3482,6 +3482,8 @@
 
 static void handle_link_data(struct rpt *myrpt, struct rpt_link *mylink, char *str)
 {
+	/* XXX ATTENTION: if you change the size of these arrays you MUST
+	 * change the limits in corresponding sscanf() calls below. */
 	char cmd[300] = "", dest[300], src[300], c;
 	int	seq, res;
 	struct rpt_link *l;
@@ -3499,7 +3501,7 @@
 		ast_softhangup(mylink->chan, AST_SOFTHANGUP_DEV);
 		return;
 	}
-	if (sscanf(str, "%s %s %s %d %c", cmd, dest, src, &seq, &c) != 5) {
+	if (sscanf(str, "%299s %299s %299s %30d %1c", cmd, dest, src, &seq, &c) != 5) {
 		ast_log(LOG_WARNING, "Unable to parse link string %s\n", str);
 		return;
 	}
@@ -4103,7 +4105,7 @@
 {
 	double input2 = 0.0;
 	long long modifier = (long long)pow(10.0, (double)places);
-	if (sscanf(input, "%lf", &input2) == 1) {
+	if (sscanf(input, "%30lf", &input2) == 1) {
 		long long input3 = input2 * modifier;
 		*ints = input3 / modifier;
 		*decs = input3 % modifier;
@@ -5370,12 +5372,16 @@
 
 static int handle_remote_data(struct rpt *myrpt, char *str)
 {
+	/* XXX ATTENTION: if you change the size of these arrays you MUST
+	 * change the limits in corresponding sscanf() calls below. */
 	char cmd[300], dest[300], src[300], c;
 	int	seq, res;
 
 	if (!strcmp(str, discstr))
 		return 0;
-	if (sscanf(str, "%s %s %s %d %c", cmd, dest, src, &seq, &c) != 5) {
+	/* XXX WARNING: be very careful with the limits on the folowing
+	 * sscanf() call, make sure they match the values defined above */
+	if (sscanf(str, "%299s %299s %299s %30d %1c", cmd, dest, src, &seq, &c) != 5) {
 		ast_log(LOG_WARNING, "Unable to parse link string %s\n", str);
 		return 0;
 	}

Modified: tags/1.6.0.12/apps/app_setcallerid.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_setcallerid.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_setcallerid.c (original)
+++ tags/1.6.0.12/apps/app_setcallerid.c Mon Aug 10 16:28:06 2009
@@ -70,7 +70,7 @@
 	}
 
 	/* For interface consistency, permit the argument to be specified as a number */
-	if (sscanf(data, "%d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) {
+	if (sscanf(data, "%30d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) {
 		pres = ast_parse_caller_presentation(data);
 	}
 

Modified: tags/1.6.0.12/apps/app_sms.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_sms.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_sms.c (original)
+++ tags/1.6.0.12/apps/app_sms.c Mon Aug 10 16:28:06 2009
@@ -815,13 +815,9 @@
 					else if (!strcmp(line, "rp"))
 						h->rp = (atoi(p) ? 1 : 0);
 					else if (!strcmp(line, "scts")) {	/* get date/time */
-						int Y,
-						  m,
-						  d,
-						  H,
-						  M,
-						  S;
-						if (sscanf (p, "%d-%d-%dT%d:%d:%d", &Y, &m, &d, &H, &M, &S) == 6) {
+						int Y, m, d, H, M, S;
+						/* XXX Why aren't we using ast_strptime here? */
+						if (sscanf(p, "%4d-%2d-%2dT%2d:%2d:%2d", &Y, &m, &d, &H, &M, &S) == 6) {
 							struct ast_tm t = { 0, };
 							t.tm_year = Y - 1900;
 							t.tm_mon = m - 1;

Modified: tags/1.6.0.12/apps/app_stack.c
URL: http://svn.asterisk.org/svn-view/asterisk/tags/1.6.0.12/apps/app_stack.c?view=diff&rev=211672&r1=211671&r2=211672
==============================================================================
--- tags/1.6.0.12/apps/app_stack.c (original)
+++ tags/1.6.0.12/apps/app_stack.c Mon Aug 10 16:28:06 2009
@@ -413,7 +413,7 @@
 
 	ast_debug(1, "Gosub called with %d arguments: 0:%s 1:%s 2:%s 3:%s 4:%s\n", argc, argv[0], argv[1], argv[2], argv[3], argc == 5 ? argv[4] : "");
 
-	if (sscanf(argv[3], "%d", &priority) != 1 || priority < 1) {
+	if (sscanf(argv[3], "%30d", &priority) != 1 || priority < 1) {
 		/* Lookup the priority label */
 		if ((priority = ast_findlabel_extension(chan, argv[1], argv[2], argv[3], chan->cid.cid_num)) < 0) {

[... 2824 lines stripped ...]



More information about the asterisk-commits mailing list