touch-packages team mailing list archive

Thread
Date

[Bug 937573] Re: Coverity SECURE_CODING - CID 10658

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Marco Trevisan (Treviño) <mail@xxxxxxxxx>
Date: Thu, 10 Sep 2015 01:30:39 -0000
Reply-to: Bug 937573 <937573@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: nux (Ubuntu)
       Status: New => Fix Released

** Changed in: nux (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nux in Ubuntu.
https://bugs.launchpad.net/bugs/937573

Title:
  Coverity SECURE_CODING - CID 10658

Status in Nux:
  Fix Released
Status in Nux 4.0 series:
  Fix Released
Status in nux package in Ubuntu:
  Fix Released

Bug description:
  This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
  CID: 10658
  Checker: SECURE_CODING
  Category: No category available
  CWE definition: http://cwe.mitre.org/data/definitions/676.html
  File: /tmp/buildd/nux-2.4.0/NuxCore/TinyXML/tinyxml.cpp
  Function: TiXmlAttribute::QueryDoubleValue(double *) const
  Code snippet:
  1397 }
  1398 
  1399 int TiXmlAttribute::QueryDoubleValue ( double *dval ) const
  1400 {
  CID 10658 - SECURE_CODING
  [VERY RISKY]. Using "sscanf" can cause a buffer overflow when done incorrectly.  sscanf() assumes an arbitrarily large string, so callers must use correct precision specifiers or never use sscanf(). Use correct precision specifiers or do your own parsing.
  1401   if ( TIXML_SSCANF ( value.c_str(), "%lf", dval ) == 1 )
  1402     return TIXML_SUCCESS;
  1403 
  1404   return TIXML_WRONG_TYPE;
  1405 }
  1406

To manage notifications about this bug go to:
https://bugs.launchpad.net/nux/+bug/937573/+subscriptions