From 7d0dd4b5da6c8fed254017ba04e1efb75e6db851 Mon Sep 17 00:00:00 2001 From: Seonah Moon Date: Wed, 19 Apr 2017 16:25:16 +0900 Subject: [WGID-201831, 201833] Fixed for secure coding sscanf() is replaced with strtol() Change-Id: Ifc4c35ddbeaee29c3fd47c7c5c9e4dd1e1bb7052 Signed-off-by: Seonah Moon --- packaging/org.tizen.w-wifi.spec | 2 +- sources/wearable/src/wearable-circle/app_main.c | 18 ++++++++++-------- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/packaging/org.tizen.w-wifi.spec b/packaging/org.tizen.w-wifi.spec index 36642db..868a14e 100644 --- a/packaging/org.tizen.w-wifi.spec +++ b/packaging/org.tizen.w-wifi.spec @@ -1,7 +1,7 @@ %define _unpackaged_files_terminate_build 0 Name: org.tizen.w-wifi Summary: Wi-Fi UI Gadget for TIZEN wearable -Version: 1.0.227 +Version: 1.0.228 Release: 1 Group: App/Network License: Flora-1.1 diff --git a/sources/wearable/src/wearable-circle/app_main.c b/sources/wearable/src/wearable-circle/app_main.c index 4325767..b20f200 100644 --- a/sources/wearable/src/wearable-circle/app_main.c +++ b/sources/wearable/src/wearable-circle/app_main.c @@ -2651,8 +2651,16 @@ static void __static_ip_wearable_input_changed_cb(void *data, Evas_Object *obj, static gchar *_make_gateway_address_use_ip_address(const gchar *ip_address) { gint ip_addr[4] = { 0 }; - sscanf(ip_address, "%d.%d.%d.%d", &ip_addr[0], &ip_addr[1], - &ip_addr[2], &ip_addr[3]); + char *ptr1, *ptr2, *ptr3; + + if (ip_address == NULL || ip_address[0] == '\0') + return NULL; + + ip_addr[0] = (int)strtol(ip_address, &ptr3, 10); + ip_addr[1] = (int)strtol(ptr3 + 1, &ptr2, 10); + ip_addr[2] = (int)strtol(ptr2 + 1, &ptr1, 10); + ip_addr[3] = (int)strtol(ptr1 + 1, NULL, 10); + return g_strdup_printf("%d.%d.%d.1", ip_addr[0], ip_addr[1], ip_addr[2]); } @@ -2663,7 +2671,6 @@ static void __static_ip_wearable_input_activated_cb(void *data, Evas_Object *obj app_object *app_obj = data; static_ip_menu_type selected_menu; gchar *ip_addr_text = NULL; - gint ip_addr[4] = { 0 }; __WIFI_FUNC_ENTER__; WIFI_RET_IF_FAIL(app_obj != NULL); @@ -2675,11 +2682,6 @@ static void __static_ip_wearable_input_activated_cb(void *data, Evas_Object *obj return; } - sscanf(ip_addr_text, "%d.%d.%d.%d", &ip_addr[0], &ip_addr[1], - &ip_addr[2], &ip_addr[3]); - g_snprintf(ip_addr_text, 16, "%d.%d.%d.%d", ip_addr[0], ip_addr[1], - ip_addr[2], ip_addr[3]); - selected_menu = layout_static_ip_get_selected_menu(app_obj->static_ip); switch (selected_menu) { case STATIC_IP_ITEM_IP_ADDRESS: -- cgit v1.2.3