Add a simple locale-independent no-surprises sscanf replacement.

tor_sscanf() only handles %u and %s for now, which will make it adequate to replace sscanf() for date/time/IP parsing. We want this to prevent attackers from constructing weirdly formed descriptors, cells, addresses, HTTP responses, etc, that validate under some locales but not others. svn:r18760
author: Nick Mathewson <nickm@torproject.org> 2009-03-03 18:02:31 +0000
committer: Nick Mathewson <nickm@torproject.org> 2009-03-03 18:02:31 +0000
commit: 26d83fc04c66d2c592ff64b62830c171266b4f75 (patch)
tree: f874d5f4e80efd5c885503af4fe9e5d823b1829b /src/common/util.h
parent: 9f8d095e0fa66dfa5087d5d23028b5caa3a87989 (diff)
download: tor-26d83fc04c66d2c592ff64b62830c171266b4f75.tar.gz
tor-26d83fc04c66d2c592ff64b62830c171266b4f75.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/src/common/util.h b/src/common/util.h
index 93db417f11..cbf5334c15 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -195,6 +195,12 @@ const char *escaped(const char *string);
 struct smartlist_t;
 void wrap_string(struct smartlist_t *out, const char *string, size_t width,
                  const char *prefix0, const char *prefixRest);
+int tor_vsscanf(const char *buf, const char *pattern, va_list ap);
+int tor_sscanf(const char *buf, const char *pattern, ...)
+#ifdef __GNUC__
+  __attribute__((format(scanf, 2, 3)))
+#endif
+  ;
 
 int hex_decode_digit(char c);
 void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen);
author	Nick Mathewson <nickm@torproject.org>	2009-03-03 18:02:31 +0000
committer	Nick Mathewson <nickm@torproject.org>	2009-03-03 18:02:31 +0000
commit	26d83fc04c66d2c592ff64b62830c171266b4f75 (patch)
tree	f874d5f4e80efd5c885503af4fe9e5d823b1829b /src/common/util.h
parent	9f8d095e0fa66dfa5087d5d23028b5caa3a87989 (diff)
download	tor-26d83fc04c66d2c592ff64b62830c171266b4f75.tar.gz tor-26d83fc04c66d2c592ff64b62830c171266b4f75.zip