[svn-commits] tilghman: branch 1.6.1 r211569 - in /branches/1.6.1: ./ agi/ apps/ cdr/ chann...
    SVN commits to the Digium repositories 
    svn-commits at lists.digium.com
       
    Mon Aug 10 14:31:06 CDT 2009
    
    
  
Author: tilghman
Date: Mon Aug 10 14:30:55 2009
New Revision: 211569
URL: http://svn.asterisk.org/svn-view/asterisk?view=rev&rev=211569
Log:
AST-2009-005
Modified:
    branches/1.6.1/   (props changed)
    branches/1.6.1/agi/eagi-sphinx-test.c
    branches/1.6.1/agi/eagi-test.c
    branches/1.6.1/apps/app_adsiprog.c
    branches/1.6.1/apps/app_alarmreceiver.c
    branches/1.6.1/apps/app_chanspy.c
    branches/1.6.1/apps/app_dahdibarge.c
    branches/1.6.1/apps/app_disa.c
    branches/1.6.1/apps/app_followme.c
    branches/1.6.1/apps/app_macro.c
    branches/1.6.1/apps/app_meetme.c
    branches/1.6.1/apps/app_minivm.c
    branches/1.6.1/apps/app_mixmonitor.c
    branches/1.6.1/apps/app_morsecode.c
    branches/1.6.1/apps/app_osplookup.c
    branches/1.6.1/apps/app_privacy.c
    branches/1.6.1/apps/app_queue.c
    branches/1.6.1/apps/app_readfile.c
    branches/1.6.1/apps/app_record.c
    branches/1.6.1/apps/app_rpt.c
    branches/1.6.1/apps/app_setcallerid.c
    branches/1.6.1/apps/app_sms.c
    branches/1.6.1/apps/app_stack.c
    branches/1.6.1/apps/app_talkdetect.c
    branches/1.6.1/apps/app_verbose.c
    branches/1.6.1/apps/app_voicemail.c
    branches/1.6.1/apps/app_waitforring.c
    branches/1.6.1/apps/app_waitforsilence.c
    branches/1.6.1/apps/app_waituntil.c
    branches/1.6.1/cdr/cdr_adaptive_odbc.c
    branches/1.6.1/cdr/cdr_pgsql.c
    branches/1.6.1/channels/chan_agent.c
    branches/1.6.1/channels/chan_dahdi.c
    branches/1.6.1/channels/chan_iax2.c
    branches/1.6.1/channels/chan_mgcp.c
    branches/1.6.1/channels/chan_misdn.c
    branches/1.6.1/channels/chan_oss.c
    branches/1.6.1/channels/chan_phone.c
    branches/1.6.1/channels/chan_sip.c
    branches/1.6.1/channels/chan_skinny.c
    branches/1.6.1/channels/chan_usbradio.c
    branches/1.6.1/channels/iax2-provision.c
    branches/1.6.1/channels/misdn_config.c
    branches/1.6.1/codecs/codec_speex.c
    branches/1.6.1/doc/CODING-GUIDELINES
    branches/1.6.1/funcs/func_channel.c
    branches/1.6.1/funcs/func_cut.c
    branches/1.6.1/funcs/func_dialplan.c
    branches/1.6.1/funcs/func_enum.c
    branches/1.6.1/funcs/func_math.c
    branches/1.6.1/funcs/func_odbc.c
    branches/1.6.1/funcs/func_rand.c
    branches/1.6.1/funcs/func_speex.c
    branches/1.6.1/funcs/func_strings.c
    branches/1.6.1/funcs/func_timeout.c
    branches/1.6.1/main/acl.c
    branches/1.6.1/main/asterisk.c
    branches/1.6.1/main/cdr.c
    branches/1.6.1/main/channel.c
    branches/1.6.1/main/cli.c
    branches/1.6.1/main/config.c
    branches/1.6.1/main/dnsmgr.c
    branches/1.6.1/main/dsp.c
    branches/1.6.1/main/enum.c
    branches/1.6.1/main/features.c
    branches/1.6.1/main/frame.c
    branches/1.6.1/main/http.c
    branches/1.6.1/main/indications.c
    branches/1.6.1/main/manager.c
    branches/1.6.1/main/netsock.c
    branches/1.6.1/main/pbx.c
    branches/1.6.1/main/timing.c
    branches/1.6.1/main/utils.c
    branches/1.6.1/pbx/dundi-parser.c
    branches/1.6.1/pbx/pbx_config.c
    branches/1.6.1/pbx/pbx_dundi.c
    branches/1.6.1/pbx/pbx_loopback.c
    branches/1.6.1/pbx/pbx_spool.c
    branches/1.6.1/res/ael/pval.c
    branches/1.6.1/res/res_agi.c
    branches/1.6.1/res/res_config_curl.c
    branches/1.6.1/res/res_config_ldap.c
    branches/1.6.1/res/res_config_pgsql.c
    branches/1.6.1/res/res_config_sqlite.c
    branches/1.6.1/res/res_http_post.c
    branches/1.6.1/res/res_limit.c
    branches/1.6.1/res/res_musiconhold.c
    branches/1.6.1/res/res_odbc.c
    branches/1.6.1/res/res_smdi.c
    branches/1.6.1/res/snmp/agent.c
    branches/1.6.1/utils/extconf.c
    branches/1.6.1/utils/frame.c
    branches/1.6.1/utils/muted.c
Propchange: branches/1.6.1/
------------------------------------------------------------------------------
Binary property 'trunk-merged' - no diff available.
Modified: branches/1.6.1/agi/eagi-sphinx-test.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/agi/eagi-sphinx-test.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/agi/eagi-sphinx-test.c (original)
+++ branches/1.6.1/agi/eagi-sphinx-test.c Mon Aug 10 14:30:55 2009
@@ -223,7 +223,7 @@
 	connect_sphinx();
 	tmp = getenv("agi_enhanced");
 	if (tmp) {
-		if (sscanf(tmp, "%d.%d", &ver, &subver) != 2)
+		if (sscanf(tmp, "%30d.%30d", &ver, &subver) != 2)
 			ver = 0;
 	}
 	if (ver < 1) {
Modified: branches/1.6.1/agi/eagi-test.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/agi/eagi-test.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/agi/eagi-test.c (original)
+++ branches/1.6.1/agi/eagi-test.c Mon Aug 10 14:30:55 2009
@@ -156,7 +156,7 @@
 	}
 	tmp = getenv("agi_enhanced");
 	if (tmp) {
-		if (sscanf(tmp, "%d.%d", &ver, &subver) != 2)
+		if (sscanf(tmp, "%30d.%30d", &ver, &subver) != 2)
 			ver = 0;
 	}
 	if (ver < 1) {
Modified: branches/1.6.1/apps/app_adsiprog.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_adsiprog.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_adsiprog.c (original)
+++ branches/1.6.1/apps/app_adsiprog.c Mon Aug 10 14:30:55 2009
@@ -187,7 +187,7 @@
 		if (!(argtype & ARG_NUMBER))
 			return -1;
 		/* Octal value */
-		if (sscanf(src, "%o", (int *)out) != 1)
+		if (sscanf(src, "%30o", (int *)out) != 1)
 			return -1;
 		if (argtype & ARG_STRING) {
 			/* Convert */
@@ -197,7 +197,7 @@
 		if (!(argtype & ARG_NUMBER))
 			return -1;
 		/* Hex value */
-		if (sscanf(src + 2, "%x", (unsigned int *)out) != 1)
+		if (sscanf(src + 2, "%30x", (unsigned int *)out) != 1)
 			return -1;
 		if (argtype & ARG_STRING) {
 			/* Convert */
@@ -207,7 +207,7 @@
 		if (!(argtype & ARG_NUMBER))
 			return -1;
 		/* Hex value */
-		if (sscanf(src, "%d", (int *)out) != 1)
+		if (sscanf(src, "%30d", (int *)out) != 1)
 			return -1;
 		if (argtype & ARG_STRING) {
 			/* Convert */
Modified: branches/1.6.1/apps/app_alarmreceiver.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_alarmreceiver.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_alarmreceiver.c (original)
+++ branches/1.6.1/apps/app_alarmreceiver.c Mon Aug 10 14:30:55 2009
@@ -115,7 +115,7 @@
 		return;
 	}
 	
-	sscanf(value, "%u", &v);
+	sscanf(value, "%30u", &v);
 	v++;
 
 	ast_verb(4, "AlarmReceiver: New value for %s: %u\n", key, v);
Modified: branches/1.6.1/apps/app_chanspy.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_chanspy.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_chanspy.c (original)
+++ branches/1.6.1/apps/app_chanspy.c Mon Aug 10 14:30:55 2009
@@ -937,7 +937,7 @@
 		if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) {
 			int vol;
 
-			if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4))
+			if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4))
 				ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n");
 			else
 				volfactor = vol;
@@ -1036,7 +1036,7 @@
 		if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) {
 			int vol;
 
-			if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4))
+			if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4))
 				ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n");
 			else
 				volfactor = vol;
Modified: branches/1.6.1/apps/app_dahdibarge.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_dahdibarge.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_dahdibarge.c (original)
+++ branches/1.6.1/apps/app_dahdibarge.c Mon Aug 10 14:30:55 2009
@@ -258,8 +258,8 @@
 	char confnostr[80] = "";
 	
 	if (!ast_strlen_zero(data)) {
-		if ((sscanf(data, "DAHDI/%d", &confno) != 1) &&
-		    (sscanf(data, "%d", &confno) != 1)) {
+		if ((sscanf(data, "DAHDI/%30d", &confno) != 1) &&
+		    (sscanf(data, "%30d", &confno) != 1)) {
 			ast_log(LOG_WARNING, "DAHDIBarge Argument (if specified) must be a channel number, not '%s'\n", (char *)data);
 			return 0;
 		}
@@ -273,7 +273,7 @@
 		confnostr[0] = '\0';
 		res = ast_app_getdata(chan, "conf-getchannel",confnostr, sizeof(confnostr) - 1, 0);
 		if (res <0) goto out;
-		if (sscanf(confnostr, "%d", &confno) != 1)
+		if (sscanf(confnostr, "%30d", &confno) != 1)
 			confno = 0;
 	}
 	if (confno) {
Modified: branches/1.6.1/apps/app_disa.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_disa.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_disa.c (original)
+++ branches/1.6.1/apps/app_disa.c Mon Aug 10 14:30:55 2009
@@ -223,7 +223,7 @@
 			if (!(k&1)) { /* if in password state */
 				if (j == '#') { /* end of password */
 					  /* see if this is an integer */
-					if (sscanf(args.passcode,"%d",&j) < 1) { /* nope, it must be a filename */
+					if (sscanf(args.passcode,"%30d",&j) < 1) { /* nope, it must be a filename */
 						fp = fopen(args.passcode,"r");
 						if (!fp) {
 							ast_log(LOG_WARNING,"DISA password file %s not found on chan %s\n",args.passcode,chan->name);
@@ -249,7 +249,7 @@
 							ast_debug(1, "Mailbox: %s\n",args.mailbox);
 
 							/* password must be in valid format (numeric) */
-							if (sscanf(args.passcode,"%d", &j) < 1)
+							if (sscanf(args.passcode,"%30d", &j) < 1)
 								continue;
 							 /* if we got it */
 							if (!strcmp(exten,args.passcode)) {
Modified: branches/1.6.1/apps/app_followme.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_followme.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_followme.c (original)
+++ branches/1.6.1/apps/app_followme.c Mon Aug 10 14:30:55 2009
@@ -307,7 +307,7 @@
 	featuredigittostr = ast_variable_retrieve(cfg, "general", "featuredigittimeout");
 
 	if (!ast_strlen_zero(featuredigittostr)) {
-		if (!sscanf(featuredigittostr, "%d", &featuredigittimeout))
+		if (!sscanf(featuredigittostr, "%30d", &featuredigittimeout))
 			featuredigittimeout = 5000;
 	}
 
Modified: branches/1.6.1/apps/app_macro.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_macro.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_macro.c (original)
+++ branches/1.6.1/apps/app_macro.c Mon Aug 10 14:30:55 2009
@@ -208,12 +208,12 @@
 	/* does the user want a deeper rabbit hole? */
 	ast_channel_lock(chan);
 	if ((s = pbx_builtin_getvar_helper(chan, "MACRO_RECURSION"))) {
-		sscanf(s, "%d", &maxdepth);
+		sscanf(s, "%30d", &maxdepth);
 	}
 	
 	/* Count how many levels deep the rabbit hole goes */
 	if ((s = pbx_builtin_getvar_helper(chan, "MACRO_DEPTH"))) {
-		sscanf(s, "%d", &depth);
+		sscanf(s, "%30d", &depth);
 	}
 	
 	/* Used for detecting whether to return when a Macro is called from another Macro after hangup */
@@ -221,7 +221,7 @@
 		pbx_builtin_setvar_helper(chan, "MACRO_IN_HANGUP", "1");
 	
 	if ((inhangupc = pbx_builtin_getvar_helper(chan, "MACRO_IN_HANGUP"))) {
-		sscanf(inhangupc, "%d", &inhangup);
+		sscanf(inhangupc, "%30d", &inhangup);
 	}
 	ast_channel_unlock(chan);
 
@@ -474,7 +474,7 @@
 			if ((offsets = pbx_builtin_getvar_helper(chan, "MACRO_OFFSET"))) {
 				/* Handle macro offset if it's set by checking the availability of step n + offset + 1, otherwise continue
 			   	normally if there is any problem */
-				if (sscanf(offsets, "%d", &offset) == 1) {
+				if (sscanf(offsets, "%30d", &offset) == 1) {
 					if (ast_exists_extension(chan, chan->context, chan->exten, chan->priority + offset + 1, chan->cid.cid_num)) {
 						chan->priority += offset;
 					}
Modified: branches/1.6.1/apps/app_meetme.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_meetme.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_meetme.c (original)
+++ branches/1.6.1/apps/app_meetme.c Mon Aug 10 14:30:55 2009
@@ -900,7 +900,7 @@
 	AST_LIST_INSERT_HEAD(&confs, cnf, list);
 
 	/* Reserve conference number in map */
-	if ((sscanf(cnf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
+	if ((sscanf(cnf->confno, "%30d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
 		conf_map[confno_int] = 1;
 	
 cnfout:
@@ -1527,7 +1527,7 @@
 	AST_LIST_LOCK(&confs);
 	if (ast_atomic_dec_and_test(&conf->refcount)) {
 		/* Take the conference room number out of an inuse state */
-		if ((sscanf(conf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
+		if ((sscanf(conf->confno, "%4d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024))
 			conf_map[confno_int] = 0;
 		conf_free(conf);
 		res = 1;
@@ -1691,7 +1691,7 @@
 	/* Possible timeout waiting for marked user */
 	if ((confflags & CONFFLAG_WAITMARKED) &&
 		!ast_strlen_zero(optargs[OPT_ARG_WAITMARKED]) &&
-		(sscanf(optargs[OPT_ARG_WAITMARKED], "%d", &opt_waitmarked_timeout) == 1) &&
+		(sscanf(optargs[OPT_ARG_WAITMARKED], "%30d", &opt_waitmarked_timeout) == 1) &&
 		(opt_waitmarked_timeout > 0)) {
 		timeout = time(NULL) + opt_waitmarked_timeout;
 	}
@@ -3290,7 +3290,7 @@
 				if (!res)
 					ast_waitstream(chan, "");
 			} else {
-				if (sscanf(confno, "%d", &confno_int) == 1) {
+				if (sscanf(confno, "%30d", &confno_int) == 1) {
 					if (!ast_test_flag(&confflags, CONFFLAG_QUIET)) {
 						res = ast_streamfile(chan, "conf-enteringno", chan->language);
 						if (!res) {
@@ -3417,7 +3417,7 @@
 	struct ast_conf_user *user = NULL;
 	int cid;
 	
-	sscanf(callerident, "%i", &cid);
+	sscanf(callerident, "%30i", &cid);
 	if (conf && callerident) {
 		AST_LIST_TRAVERSE(&conf->userlist, user, list) {
 			if (cid == user->user_no)
@@ -3892,7 +3892,7 @@
 	rt_log_members = 1;  
 
 	if ((val = ast_variable_retrieve(cfg, "general", "audiobuffers"))) {
-		if ((sscanf(val, "%d", &audio_buffers) != 1)) {
+		if ((sscanf(val, "%30d", &audio_buffers) != 1)) {
 			ast_log(LOG_WARNING, "audiobuffers setting must be a number, not '%s'\n", val);
 			audio_buffers = DEFAULT_AUDIO_BUFFERS;
 		} else if ((audio_buffers < DAHDI_DEFAULT_NUM_BUFS) || (audio_buffers > DAHDI_MAX_NUM_BUFS)) {
@@ -3909,19 +3909,19 @@
 	if ((val = ast_variable_retrieve(cfg, "general", "logmembercount")))
 		rt_log_members = ast_true(val);
 	if ((val = ast_variable_retrieve(cfg, "general", "fuzzystart"))) {
-		if ((sscanf(val, "%d", &fuzzystart) != 1)) {
+		if ((sscanf(val, "%30d", &fuzzystart) != 1)) {
 			ast_log(LOG_WARNING, "fuzzystart must be a number, not '%s'\n", val);
 			fuzzystart = 0;
 		} 
 	}
 	if ((val = ast_variable_retrieve(cfg, "general", "earlyalert"))) {
-		if ((sscanf(val, "%d", &earlyalert) != 1)) {
+		if ((sscanf(val, "%30d", &earlyalert) != 1)) {
 			ast_log(LOG_WARNING, "earlyalert must be a number, not '%s'\n", val);
 			earlyalert = 0;
 		} 
 	}
 	if ((val = ast_variable_retrieve(cfg, "general", "endalert"))) {
-		if ((sscanf(val, "%d", &endalert) != 1)) {
+		if ((sscanf(val, "%30d", &endalert) != 1)) {
 			ast_log(LOG_WARNING, "endalert must be a number, not '%s'\n", val);
 			endalert = 0;
 		} 
@@ -5487,7 +5487,7 @@
 		if (!strcasecmp(var->name, "autocontext"))
 			ast_string_field_set(trunk, autocontext, var->value);
 		else if (!strcasecmp(var->name, "ringtimeout")) {
-			if (sscanf(var->value, "%u", &trunk->ring_timeout) != 1) {
+			if (sscanf(var->value, "%30u", &trunk->ring_timeout) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for trunk '%s'\n",
 					var->value, trunk->name);
 				trunk->ring_timeout = 0;
@@ -5563,13 +5563,13 @@
 		char *name, *value = cur;
 		name = strsep(&value, "=");
 		if (!strcasecmp(name, "ringtimeout")) {
-			if (sscanf(value, "%u", &trunk_ref->ring_timeout) != 1) {
+			if (sscanf(value, "%30u", &trunk_ref->ring_timeout) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringtimeout value '%s' for "
 					"trunk '%s' on station '%s'\n", value, trunk->name, station->name);
 				trunk_ref->ring_timeout = 0;
 			}
 		} else if (!strcasecmp(name, "ringdelay")) {
-			if (sscanf(value, "%u", &trunk_ref->ring_delay) != 1) {
+			if (sscanf(value, "%30u", &trunk_ref->ring_delay) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringdelay value '%s' for "
 					"trunk '%s' on station '%s'\n", value, trunk->name, station->name);
 				trunk_ref->ring_delay = 0;
@@ -5618,13 +5618,13 @@
 		else if (!strcasecmp(var->name, "autocontext"))
 			ast_string_field_set(station, autocontext, var->value);
 		else if (!strcasecmp(var->name, "ringtimeout")) {
-			if (sscanf(var->value, "%u", &station->ring_timeout) != 1) {
+			if (sscanf(var->value, "%30u", &station->ring_timeout) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for station '%s'\n",
 					var->value, station->name);
 				station->ring_timeout = 0;
 			}
 		} else if (!strcasecmp(var->name, "ringdelay")) {
-			if (sscanf(var->value, "%u", &station->ring_delay) != 1) {
+			if (sscanf(var->value, "%30u", &station->ring_delay) != 1) {
 				ast_log(LOG_WARNING, "Invalid ringdelay '%s' specified for station '%s'\n",
 					var->value, station->name);
 				station->ring_delay = 0;
Modified: branches/1.6.1/apps/app_minivm.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_minivm.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_minivm.c (original)
+++ branches/1.6.1/apps/app_minivm.c Mon Aug 10 14:30:55 2009
@@ -1735,7 +1735,7 @@
 		if (ast_test_flag(&flags, OPT_RECORDGAIN)) {
 			int gain;
 
-			if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) {
+			if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) {
 				ast_log(LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]);
 				return -1;
 			} else 
@@ -2160,7 +2160,7 @@
 		} else if (!strcasecmp(var->name, "pager")) {
 			ast_copy_string(vmu->pager, var->value, sizeof(vmu->pager));
 		} else if (!strcasecmp(var->name, "volgain")) {
-			sscanf(var->value, "%lf", &vmu->volgain);
+			sscanf(var->value, "%30lf", &vmu->volgain);
 		} else {
 			ast_log(LOG_ERROR, "Unknown configuration option for minivm account %s : %s\n", name, var->name);
 		}
@@ -2330,7 +2330,7 @@
 			global_silencethreshold = atoi(var->value);
 		} else if (!strcmp(var->name, "maxmessage")) {
 			int x;
-			if (sscanf(var->value, "%d", &x) == 1) {
+			if (sscanf(var->value, "%30d", &x) == 1) {
 				global_vmmaxmessage = x;
 			} else {
 				error ++;
@@ -2338,7 +2338,7 @@
 			}
 		} else if (!strcmp(var->name, "minmessage")) {
 			int x;
-			if (sscanf(var->value, "%d", &x) == 1) {
+			if (sscanf(var->value, "%30d", &x) == 1) {
 				global_vmminmessage = x;
 				if (global_maxsilence <= global_vmminmessage)
 					ast_log(LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n");
Modified: branches/1.6.1/apps/app_mixmonitor.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_mixmonitor.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_mixmonitor.c (original)
+++ branches/1.6.1/apps/app_mixmonitor.c Mon Aug 10 14:30:55 2009
@@ -426,7 +426,7 @@
 		if (ast_test_flag(&flags, MUXFLAG_READVOLUME)) {
 			if (ast_strlen_zero(opts[OPT_ARG_READVOLUME])) {
 				ast_log(LOG_WARNING, "No volume level was provided for the heard volume ('v') option.\n");
-			} else if ((sscanf(opts[OPT_ARG_READVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) {
+			} else if ((sscanf(opts[OPT_ARG_READVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) {
 				ast_log(LOG_NOTICE, "Heard volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_READVOLUME]);
 			} else {
 				readvol = get_volfactor(x);
@@ -436,7 +436,7 @@
 		if (ast_test_flag(&flags, MUXFLAG_WRITEVOLUME)) {
 			if (ast_strlen_zero(opts[OPT_ARG_WRITEVOLUME])) {
 				ast_log(LOG_WARNING, "No volume level was provided for the spoken volume ('V') option.\n");
-			} else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) {
+			} else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) {
 				ast_log(LOG_NOTICE, "Spoken volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_WRITEVOLUME]);
 			} else {
 				writevol = get_volfactor(x);
@@ -446,7 +446,7 @@
 		if (ast_test_flag(&flags, MUXFLAG_VOLUME)) {
 			if (ast_strlen_zero(opts[OPT_ARG_VOLUME])) {
 				ast_log(LOG_WARNING, "No volume level was provided for the combined volume ('W') option.\n");
-			} else if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) {
+			} else if ((sscanf(opts[OPT_ARG_VOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) {
 				ast_log(LOG_NOTICE, "Combined volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_VOLUME]);
 			} else {
 				readvol = writevol = get_volfactor(x);
Modified: branches/1.6.1/apps/app_morsecode.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_morsecode.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_morsecode.c (original)
+++ branches/1.6.1/apps/app_morsecode.c Mon Aug 10 14:30:55 2009
@@ -113,7 +113,7 @@
 	/* Use variable MORESEDITLEN, if set (else 80) */
 	ast_channel_lock(chan);
 	ditlenc = pbx_builtin_getvar_helper(chan, "MORSEDITLEN");
-	if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%d", &ditlen) != 1)) {
+	if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%30d", &ditlen) != 1)) {
 		ditlen = 80;
 	}
 	ast_channel_unlock(chan);
@@ -121,7 +121,7 @@
 	/* Use variable MORSETONE, if set (else 800) */
 	ast_channel_lock(chan);
 	tonec = pbx_builtin_getvar_helper(chan, "MORSETONE");
-	if (ast_strlen_zero(tonec) || (sscanf(tonec, "%d", &tone) != 1)) {
+	if (ast_strlen_zero(tonec) || (sscanf(tonec, "%30d", &tone) != 1)) {
 		tone = 800;
 	}
 	ast_channel_unlock(chan);
Modified: branches/1.6.1/apps/app_osplookup.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_osplookup.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_osplookup.c (original)
+++ branches/1.6.1/apps/app_osplookup.c Mon Aug 10 14:30:55 2009
@@ -247,7 +247,7 @@
 				ast_log(LOG_WARNING, "OSP: Too many Service Points at line %d\n", v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "maxconnections")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) {
 				p->maxconnections = t;
 				ast_debug(1, "OSP: maxconnections '%d'\n", t);
 			} else {
@@ -255,7 +255,7 @@
 					OSP_MIN_MAXCONNECTIONS, OSP_MAX_MAXCONNECTIONS, v->value, v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "retrydelay")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) {
 				p->retrydelay = t;
 				ast_debug(1, "OSP: retrydelay '%d'\n", t);
 			} else {
@@ -263,7 +263,7 @@
 					OSP_MIN_RETRYDELAY, OSP_MAX_RETRYDELAY, v->value, v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "retrylimit")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) {
 				p->retrylimit = t;
 				ast_debug(1, "OSP: retrylimit '%d'\n", t);
 			} else {
@@ -271,7 +271,7 @@
 					OSP_MIN_RETRYLIMIT, OSP_MAX_RETRYLIMIT, v->value, v->lineno);
 			}
 		} else if (!strcasecmp(v->name, "timeout")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) {
 				p->timeout = t;
 				ast_debug(1, "OSP: timeout '%d'\n", t);
 			} else {
@@ -282,7 +282,7 @@
 			ast_copy_string(p->source, v->value, sizeof(p->source));
 			ast_debug(1, "OSP: source '%s'\n", p->source);
 		} else if (!strcasecmp(v->name, "authpolicy")) {
-			if ((sscanf(v->value, "%d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) {
+			if ((sscanf(v->value, "%30d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) {
 				p->authpolicy = t;
 				ast_debug(1, "OSP: authpolicy '%d'\n", t);
 			} else {
@@ -1392,11 +1392,11 @@
 	headp = &chan->varshead;
 	AST_LIST_TRAVERSE(headp, current, entries) {
 		if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) {
 				result.inhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) {
-			if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) {
 				result.intimelimit = OSP_DEF_TIMELIMIT;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPINNETWORKID")) {
@@ -1533,7 +1533,7 @@
 
 	AST_STANDARD_APP_ARGS(args, tmp);
 
-	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) {
+	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) {
 		cause = 0;
 	}
 	ast_debug(1, "OSPNext: cause '%d'\n", cause);
@@ -1551,23 +1551,23 @@
 	headp = &chan->varshead;
 	AST_LIST_TRAVERSE(headp, current, entries) {
 		if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) {
 				result.inhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &result.outhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.outhandle) != 1) {
 				result.outhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) {
-			if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) {
 				result.intimelimit = OSP_DEF_TIMELIMIT;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPOUTCALLIDTYPES")) {
-			if (sscanf(ast_var_value(current), "%d", &callidtypes) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &callidtypes) != 1) {
 				callidtypes = OSP_CALLID_UNDEFINED;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPRESULTS")) {
-			if (sscanf(ast_var_value(current), "%d", &result.numresults) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &result.numresults) != 1) {
 				result.numresults = 0;
 			}
 		}
@@ -1686,11 +1686,11 @@
 	headp = &chan->varshead;
 	AST_LIST_TRAVERSE(headp, current, entries) {
 		if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &inhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &inhandle) != 1) {
 				inhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) {
-			if (sscanf(ast_var_value(current), "%d", &outhandle) != 1) {
+			if (sscanf(ast_var_value(current), "%30d", &outhandle) != 1) {
 				outhandle = OSP_INVALID_HANDLE;
 			}
 		} else if (!recorded &&
@@ -1707,7 +1707,7 @@
 	ast_debug(1, "OSPFinish: OSPOUTHANDLE '%d'\n", outhandle);
 	ast_debug(1, "OSPFinish: recorded '%d'\n", recorded);
 
-	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) {
+	if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) {
 		cause = 0;
 	}
 	ast_debug(1, "OSPFinish: cause '%d'\n", cause);
@@ -1799,7 +1799,7 @@
 
 		t = ast_variable_retrieve(cfg, OSP_GENERAL_CAT, "tokenformat");
 		if (t) {
-			if ((sscanf(t, "%d", &v) == 1) &&
+			if ((sscanf(t, "%30d", &v) == 1) &&
 				((v == TOKEN_ALGO_SIGNED) || (v == TOKEN_ALGO_UNSIGNED) || (v == TOKEN_ALGO_BOTH)))
 			{
 				osp_tokenformat = v;
Modified: branches/1.6.1/apps/app_privacy.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_privacy.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_privacy.c (original)
+++ branches/1.6.1/apps/app_privacy.c Mon Aug 10 14:30:55 2009
@@ -92,13 +92,13 @@
 			AST_STANDARD_APP_ARGS(args, parse);
 
 			if (args.maxretries) {
-				if (sscanf(args.maxretries, "%d", &x) == 1)
+				if (sscanf(args.maxretries, "%30d", &x) == 1)
 					maxretries = x;
 				else
 					ast_log(LOG_WARNING, "Invalid max retries argument\n");
 			}
 			if (args.minlength) {
-				if (sscanf(args.minlength, "%d", &x) == 1)
+				if (sscanf(args.minlength, "%30d", &x) == 1)
 					minlength = x;
 				else
 					ast_log(LOG_WARNING, "Invalid min length argument\n");
Modified: branches/1.6.1/apps/app_queue.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_queue.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_queue.c (original)
+++ branches/1.6.1/apps/app_queue.c Mon Aug 10 14:30:55 2009
@@ -4653,7 +4653,7 @@
 	}
 
 	if (!ast_strlen_zero(args.penalty)) {
-		if ((sscanf(args.penalty, "%d", &penalty) != 1) || penalty < 0) {
+		if ((sscanf(args.penalty, "%30d", &penalty) != 1) || penalty < 0) {
 			ast_log(LOG_WARNING, "Penalty '%s' is invalid, must be an integer >= 0\n", args.penalty);
 			penalty = 0;
 		}
@@ -4815,7 +4815,7 @@
 	ast_channel_lock(chan);
 	user_priority = pbx_builtin_getvar_helper(chan, "QUEUE_PRIO");
 	if (user_priority) {
-		if (sscanf(user_priority, "%d", &prio) == 1) {
+		if (sscanf(user_priority, "%30d", &prio) == 1) {
 			ast_debug(1, "%s: Got priority %d from ${QUEUE_PRIO}.\n", chan->name, prio);
 		} else {
 			ast_log(LOG_WARNING, "${QUEUE_PRIO}: Invalid value (%s), channel %s.\n",
@@ -4830,7 +4830,7 @@
 	/* Get the maximum penalty from the variable ${QUEUE_MAX_PENALTY} */
 
 	if ((max_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MAX_PENALTY"))) {
-		if (sscanf(max_penalty_str, "%d", &max_penalty) == 1) {
+		if (sscanf(max_penalty_str, "%30d", &max_penalty) == 1) {
 			ast_debug(1, "%s: Got max penalty %d from ${QUEUE_MAX_PENALTY}.\n", chan->name, max_penalty);
 		} else {
 			ast_log(LOG_WARNING, "${QUEUE_MAX_PENALTY}: Invalid value (%s), channel %s.\n",
@@ -4842,7 +4842,7 @@
 	}
 
 	if ((min_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MIN_PENALTY"))) {
-		if (sscanf(min_penalty_str, "%d", &min_penalty) == 1) {
+		if (sscanf(min_penalty_str, "%30d", &min_penalty) == 1) {
 			ast_debug(1, "%s: Got min penalty %d from ${QUEUE_MIN_PENALTY}.\n", chan->name, min_penalty);
 		} else {
 			ast_log(LOG_WARNING, "${QUEUE_MIN_PENALTY}: Invalid value (%s), channel %s.\n",
@@ -6115,7 +6115,7 @@
 
 	if (ast_strlen_zero(penalty_s))
 		penalty = 0;
-	else if (sscanf(penalty_s, "%d", &penalty) != 1 || penalty < 0)
+	else if (sscanf(penalty_s, "%30d", &penalty) != 1 || penalty < 0)
 		penalty = 0;
 
 	if (ast_strlen_zero(paused_s))
@@ -6308,7 +6308,7 @@
 	queuename = a->argv[5];
 	interface = a->argv[3];
 	if (a->argc >= 8) {
-		if (sscanf(a->argv[7], "%d", &penalty) == 1) {
+		if (sscanf(a->argv[7], "%30d", &penalty) == 1) {
 			if (penalty < 0) {
 				ast_cli(a->fd, "Penalty must be >= 0\n");
 				penalty = 0;
Modified: branches/1.6.1/apps/app_readfile.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_readfile.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_readfile.c (original)
+++ branches/1.6.1/apps/app_readfile.c Mon Aug 10 14:30:55 2009
@@ -73,7 +73,7 @@
 	}
 
 	if (length) {
-		if ((sscanf(length, "%d", &len) != 1) || (len < 0)) {
+		if ((sscanf(length, "%30d", &len) != 1) || (len < 0)) {
 			ast_log(LOG_WARNING, "%s is not a positive number, defaulting length to max\n", length);
 			len = 0;
 		}
Modified: branches/1.6.1/apps/app_record.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_record.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_record.c (original)
+++ branches/1.6.1/apps/app_record.c Mon Aug 10 14:30:55 2009
@@ -146,7 +146,7 @@
 		return -1;
 	}
 	if (args.silence) {
-		if ((sscanf(args.silence, "%d", &i) == 1) && (i > -1)) {
+		if ((sscanf(args.silence, "%30d", &i) == 1) && (i > -1)) {
 			silence = i * 1000;
 		} else if (!ast_strlen_zero(args.silence)) {
 			ast_log(LOG_WARNING, "'%s' is not a valid silence duration\n", args.silence);
@@ -154,7 +154,7 @@
 	}
 	
 	if (args.maxduration) {
-		if ((sscanf(args.maxduration, "%d", &i) == 1) && (i > -1))
+		if ((sscanf(args.maxduration, "%30d", &i) == 1) && (i > -1))
 			/* Convert duration to milliseconds */
 			maxduration = i * 1000;
 		else if (!ast_strlen_zero(args.maxduration))
Modified: branches/1.6.1/apps/app_rpt.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_rpt.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_rpt.c (original)
+++ branches/1.6.1/apps/app_rpt.c Mon Aug 10 14:30:55 2009
@@ -2101,7 +2101,8 @@
 
 	if (str == NULL) return -1;
 	/* leave this %i alone, non-base-10 input is useful here */
-	if (sscanf(str,"%i",&ret) != 1) return -1;
+	if (sscanf(str, "%30i", &ret) != 1)
+		return -1;
 	return ret;
 }
 
@@ -2325,7 +2326,7 @@
 	/* do not use atoi() here, we need to be able to have
 		the input specified in hex or decimal so we use
 		sscanf with a %i */
-	if ((!val) || (sscanf(val,"%i",&rpt_vars[n].p.iobase) != 1))
+	if ((!val) || (sscanf(val, "%30i", &rpt_vars[n].p.iobase) != 1))
 		rpt_vars[n].p.iobase = DEFAULT_IOBASE;
 	val = (char *) ast_variable_retrieve(cfg,this,"ioport");
 	rpt_vars[n].p.ioport = val;
@@ -3640,7 +3641,7 @@
 		tonesubset = strsep(&stringp,")");
 		if(!tonesubset)
 			break;
-		if(sscanf(tonesubset,"(%d,%d,%d,%d", &f1, &f2, &duration, &litude) != 4)
+		if(sscanf(tonesubset,"(%30d,%30d,%30d,%30d", &f1, &f2, &duration, &litude) != 4)
 			break;
 		res = play_tone_pair(chan, f1, f2, duration, amplitude);
 		if(res)
@@ -5065,7 +5066,7 @@
 		p = strstr(tdesc, "version");	
 		if(!p)
 			break;	
-		if(sscanf(p, "version %d.%d", &vmajor, &vminor) != 2)
+		if(sscanf(p, "version %30d.%30d", &vmajor, &vminor) != 2)
 			break;
     		wait_interval(myrpt, DLY_TELEM, mychannel); /* Wait a little bit */
 		/* Say "version" */
@@ -6673,10 +6674,12 @@
 static void handle_link_data(struct rpt *myrpt, struct rpt_link *mylink,
 	char *str)
 {
-char	tmp[512],tmp1[512],cmd[300] = "",dest[300],src[300],c;
-int	i,seq, res, ts;
-struct rpt_link *l;
-struct	ast_frame wf;
+	/* XXX ATTENTION: if you change the size of these arrays you MUST
+	 * change the limits in corresponding sscanf() calls below. */
+	char tmp[512], tmp1[512], cmd[300] = "", dest[300], src[300], c;
+	int	i,seq, res, ts;
+	struct rpt_link *l;
+	struct	ast_frame wf;
 
 	wf.frametype = AST_FRAME_TEXT;
 	wf.subclass = 0;
@@ -6711,7 +6714,7 @@
 	}
 	if (tmp[0] == 'K')
 	{
-		if (sscanf(tmp,"%s %s %s %d %d",cmd,dest,src,&seq,&ts) != 5)
+		if (sscanf(tmp,"%299s %299s %299s %30d %30d",cmd,dest,src,&seq,&ts) != 5)
 		{
 			ast_log(LOG_WARNING, "Unable to parse keying string %s\n",str);
 			return;
@@ -6819,7 +6822,7 @@
 	}
 	if (tmp[0] == 'I')
 	{
-		if (sscanf(tmp,"%s %s %x",cmd,src,&seq) != 3)
+		if (sscanf(tmp, "%299s %299s %30x", cmd, src, &seq) != 3)
 		{
 			ast_log(LOG_WARNING, "Unable to parse ident string %s\n",str);
 			return;
@@ -6829,7 +6832,7 @@
 	}
 	else
 	{
-		if (sscanf(tmp,"%s %s %s %d %c",cmd,dest,src,&seq,&c) != 5)
+		if (sscanf(tmp, "%299s %299s %299s %30d %1c", cmd, dest, src, &seq, &c) != 5)
 		{
 			ast_log(LOG_WARNING, "Unable to parse link string %s\n",str);
 			return;
@@ -10224,8 +10227,10 @@
 
 static int handle_remote_data(struct rpt *myrpt, char *str)
 {
-char	tmp[300],cmd[300],dest[300],src[300],c;
-int	seq,res;
+	/* XXX ATTENTION: if you change the size of these arrays you MUST
+	 * change the limits in corresponding sscanf() calls below. */
+	char tmp[300], cmd[300], dest[300], src[300], c;
+	int	seq,res;
 
  	/* put string in our buffer */
 	strncpy(tmp,str,sizeof(tmp) - 1);
@@ -10248,7 +10253,9 @@
 		return 0;
 	}
 #endif
-	if (sscanf(tmp,"%s %s %s %d %c",cmd,dest,src,&seq,&c) != 5)
+	/* XXX WARNING: be very careful with the limits on the folowing
+	 * sscanf() call, make sure they match the values defined above */
+	if (sscanf(tmp, "%299s %299s %299s %30d %1c", cmd, dest, src, &seq, &c) != 5)
 	{
 		ast_log(LOG_WARNING, "Unable to parse link string %s\n",str);
 		return 0;
@@ -11879,7 +11886,7 @@
                 	p = strstr(tdesc, "version");
                 	if(p){
 				int vmajor,vminor;
-				if(sscanf(p, "version %d.%d", &vmajor, &vminor) == 2)
+				if(sscanf(p, "version %30d.%30d", &vmajor, &vminor) == 2)
 					sprintf(str + strlen(str),"&apprptvers=%d.%d",vmajor,vminor);
 			}
 			time(&now);
Modified: branches/1.6.1/apps/app_setcallerid.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_setcallerid.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_setcallerid.c (original)
+++ branches/1.6.1/apps/app_setcallerid.c Mon Aug 10 14:30:55 2009
@@ -70,7 +70,7 @@
 	}
 
 	/* For interface consistency, permit the argument to be specified as a number */
-	if (sscanf(data, "%d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) {
+	if (sscanf(data, "%30d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) {
 		pres = ast_parse_caller_presentation(data);
 	}
 
Modified: branches/1.6.1/apps/app_sms.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_sms.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_sms.c (original)
+++ branches/1.6.1/apps/app_sms.c Mon Aug 10 14:30:55 2009
@@ -856,7 +856,7 @@
 					} else if (!strcmp(line, "scts")) {    /* get date/time */
 						int Y, m, d, H, M, S;
 						/* XXX Why aren't we using ast_strptime here? */
-						if (sscanf(p, "%d-%d-%dT%d:%d:%d", &Y, &m, &d, &H, &M, &S) == 6) {
+						if (sscanf(p, "%4d-%2d-%2dT%2d:%2d:%2d", &Y, &m, &d, &H, &M, &S) == 6) {
 							struct ast_tm t = { 0, };
 							t.tm_year = Y - 1900;
 							t.tm_mon = m - 1;
Modified: branches/1.6.1/apps/app_stack.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.6.1/apps/app_stack.c?view=diff&rev=211569&r1=211568&r2=211569
==============================================================================
--- branches/1.6.1/apps/app_stack.c (original)
+++ branches/1.6.1/apps/app_stack.c Mon Aug 10 14:30:55 2009
@@ -420,7 +420,7 @@
 
[... 3043 lines stripped ...]
    
    
More information about the svn-commits
mailing list