The context to this is that nbdkit uses sscanf to parse simple file
formats in various places, eg:
https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f18...
https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f18...
We can only do this safely where we can prove that overflow does not
matter. In other cases we've had to change sscanf uses to strto* etc
which is much more difficult to use correctly. Just look at how much
code is required to wrap strto* functions to use them safely:
https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f18...
Rich.
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
Read my programming and virtualization blog:
http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v