g.region/r.to.rast3elev: fixed scanf error to recognize EOF as a possible return value
scanf can return EOF as a return value, which can be a security issue if not accounted for.
@HuidaeCho with this PR now limited to only three changes with checks like == 1, is this PR ready to go?
Not only does the parser either return NULL or a non-empty string, the string is also guaranteed to contain a valid integer as it has already been tested with https://github.com/OSGeo/grass/blob/8a3c6b7c7627036bf52681cdcb9c9833c398d6ac/lib/gis/parser.c#L1399
There is no way a compiler/static analyser could know this.
I see two possible "solutions" to this:
- Change to early exit strategy: e.g.
  if (sscanf(value, "%i", &pix) != 1) die(parm.grow);
- Silence the warning with void: e.g.
  if ((void)sscanf(value, "%i", &pix)) {

if (sscanf(value, "%i", &pix) == 1) { without response if the if condition is false, will only lead to new problems.
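The return values under discussion in this thread, as an added example that is not part of the PR or the GRASS code base: it contrasts a truthiness test on `sscanf()` with the `!= 1` early-exit form. The helper names `parse_truthy` and `parse_checked`, the `UNSET` sentinel and the sample inputs are constructed for illustration.

```c
#include <stdio.h>

/* Sentinel (constructed for this example) showing when sscanf() stored nothing. */
#define UNSET (-9999)

/* Truthiness test: any nonzero return counts as success.
 * EOF is negative, hence nonzero, so empty input is accepted. */
static int parse_truthy(const char *value, int *pix)
{
    *pix = UNSET;
    if (sscanf(value, "%i", pix))
        return 1;
    return 0;
}

/* Checked form: exactly one conversion must have succeeded. */
static int parse_checked(const char *value, int *pix)
{
    *pix = UNSET;
    if (sscanf(value, "%i", pix) != 1)
        return 0; /* early exit; a real caller would report the bad option */
    return 1;
}

int main(void)
{
    /* Constructed inputs: decimal, hex (accepted by %i), non-numeric,
     * empty, and whitespace only. */
    const char *inputs[] = {"42", "0x10", "abc", "", "   "};
    size_t i;

    for (i = 0; i < sizeof(inputs) / sizeof(inputs[0]); i++) {
        int raw_pix = UNSET, t_pix, c_pix;
        int raw = sscanf(inputs[i], "%i", &raw_pix);
        int t = parse_truthy(inputs[i], &t_pix);
        int c = parse_checked(inputs[i], &c_pix);

        printf("input=\"%s\" sscanf=%d truthy=%d (pix=%d) checked=%d (pix=%d)\n",
               inputs[i], raw, t, t_pix, c, c_pix);
    }
    return 0;
}
```

For the empty and whitespace-only inputs the truthiness test reports success while `pix` still holds the sentinel, which is the case the `!= 1` comparison rejects.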