[llvm-commits] [PATCH] Replace use of sscanf with string object operations
Benjamin Kramer
benny.kra at gmail.com
Thu Oct 4 02:15:05 PDT 2012
On 04.10.2012, at 06:48, "Martinez, Javier E" <javier.e.martinez at intel.com> wrote:
> Hello,
>
> Attached is a patch to remove the use of sscanf. The misuse of some C string functions such as sscanf can cause a security vulnerability. As discussed in the development mailing list the preference is to use string objects to manipulate strings instead of the C functions.
>
> Please review the patch and commit if the changes are ok.
> Index: lib/Archive/ArchiveReader.cpp
> ===================================================================
> --- lib/Archive/ArchiveReader.cpp (revision 165159)
> +++ lib/Archive/ArchiveReader.cpp (working copy)
> @@ -19,6 +19,7 @@
> #include <cstdio>
> #include <cstdlib>
> #include <memory>
> +#include <sstream>
> using namespace llvm;
>
> /// Read a variable-bit-rate encoded unsigned integer
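Review bot: the `#include <sstream>` added here is needed only for the std::istringstream conversion in the @@ -221,9 +222,9 @@ hunk of this file; if that conversion is rewritten with StringRef.getAsInteger as suggested in the reply, this include should be dropped again rather than left behind unused.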
> @@ -221,9 +222,9 @@
> member->path.set(pathname);
> member->info.fileSize = MemberSize;
> member->info.modTime.fromEpochTime(atoi(Hdr->date));
> - unsigned int mode;
> - sscanf(Hdr->mode, "%o", &mode);
> - member->info.mode = mode;
> + std::istringstream convertString;
> + convertString.str(Hdr->mode);
> + convertString >> std::oct >> member->info.mode;
StringRef.getAsInteger is the preferred way to do this in LLVM.
> member->info.user = atoi(Hdr->uid);
> member->info.group = atoi(Hdr->gid);
> member->flags = flags;
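Review bot: the result of `convertString >> std::oct >> member->info.mode` is never checked, so a mode field that does not parse as octal is accepted silently; test the stream state after the extraction and report an error instead of continuing. The removed code also read into an `unsigned int` temporary before assigning, while the new line extracts straight into `member->info.mode`. That is only equivalent if the field has an integer type that `operator>>` parses as a number (its declaration is not visible in this hunk), so keeping the temporary is the safer form.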
> Index: lib/Target/NVPTX/NVPTXAsmPrinter.cpp
> ===================================================================
> --- lib/Target/NVPTX/NVPTXAsmPrinter.cpp (revision 165150)
> +++ lib/Target/NVPTX/NVPTXAsmPrinter.cpp (working copy)
> @@ -561,14 +561,19 @@
>
> case MachineOperand::MO_ExternalSymbol: {
> const char * symbname = MO.getSymbolName();
> - if (strstr(symbname, ".PARAM") == symbname) {
> + std::string symb(symbname);
> + if (symb.find(".PARAM") == 0) {
Is strstr really deprecated? Anyways, there is StringRef.startswith that handles this in an elegant and readable way.
> unsigned index;
> - sscanf(symbname+6, "%u[];", &index);
> + symb.replace(0,6,"");
> + std::istringstream iss(symb);
> + iss >> index;
StringRef.getAsInteger
> printParamName(index, O);
> }
> - else if (strstr(symbname, ".HLPPARAM") == symbname) {
> + else if (symb.find(".HLPPARAM") == 0) {
> unsigned index;
> - sscanf(symbname+9, "%u[];", &index);
> + symb.replace(0,9,"");
> + std::istringstream iss(symb);
> + iss >> index;
ditto
- Ben
> O << *CurrentFnSym << "_param_" << index << "_offset";
> }
> else
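Review bot: `unsigned index;` has no initializer in either branch and neither `iss >> index` is checked, so a symbol name with no digits after `.PARAM` or `.HLPPARAM` reaches `printParamName(index, O)` or the `_param_` output with a value that was never parsed; initialize `index` and check the conversion result before using it. Separately, `symb.find(".PARAM") == 0` searches the whole string when only the prefix matters, and the `std::string symb(symbname)` copy is made before the test, so it is paid for every external symbol, including those that fall through to the final `else`. The prefix lengths 6 and 9 are also hand-counted next to the literals they belong to; a prefix test such as the StringRef.startswith suggested in the reply removes the full scan and the copy.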