From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 13 Nov 2014 07:50:35 +0000 (+0100)
Subject: s3:lib: fix/simplify srprs_hex()
X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=da0ee7d866bf9713f80c074a509156bd1d8cf86f;p=obnox%2Fsamba%2Fsamba-obnox.git

s3:lib: fix/simplify srprs_hex()

There're a few problems with this function.

- it pretends to support values up to UINT64_MAX
  in it only returns 'unsigned' which support only
  values up to UINT32_MAX. Currently we only have
  callers with len=2 and len=8, so it's not a triggered
  bug.

  We just allow (len >= 1 && len <= 8) now.

- The compiler is not able to inspect the format string
  to sscanf().

  We copy up to 8 bytes into a stack buffer
  and always pass "%8x" to sscanf.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---

diff --git a/source3/lib/srprs.c b/source3/lib/srprs.c
index 35920f18c21..a3fd0c3e48a 100644
--- a/source3/lib/srprs.c
+++ b/source3/lib/srprs.c
@@ -125,26 +125,22 @@ fail:
 
 bool srprs_hex(const char** ptr, size_t len, unsigned* u)
 {
-	static const char* FMT[] = {
-		"%1x","%2x","%3x","%4x","%5x","%6x","%7x","%8x",
-		"%9x","%10x","%11x","%12x","%13x","%14x","%15x","%16x"
-	};
-
-	const char* pos = *ptr;
+	const char *str = *ptr;
+	const char *pos = *ptr;
 	int ret;
 	int i;
+	char buf[8+1] = {};
 
-	assert((len > 0)
-	       && (len <= 2*sizeof(unsigned))
-	       && (len <= sizeof(FMT)/sizeof(const char*)));
+	assert((len >= 1) && (len <= 8));
 
 	for (i=0; i<len; i++) {
 		if (!srprs_charset(&pos, "0123456789abcdefABCDEF", NULL)) {
 			break;
 		}
+		buf[i] = str[i];
 	}
 
-	ret = sscanf(*ptr, FMT[len-1], u);
+	ret = sscanf(buf, "%8x", u);
 
 	if ( ret != 1 ) {
 		return false;