sscanf return values are checked and add 'Null' check for
mandatory parameters.
Signed-off-by: Dehan Meng <dem...@redhat.com>
---
qga/commands-linux.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/qga/commands-linux.c b/qga/commands-linux.c
index 51d5e3d927..f0e9cdd27c 100644
--- a/qga/commands-linux.c
+++ b/qga/commands-linux.c
@@ -2103,7 +2103,9 @@ static char *hexToIPAddress(const void *hexValue, int
is_ipv6)
int i;
for (i = 0; i < 16; i++) {
- sscanf(&hexStr[i * 2], "%02hhx", &in6.s6_addr[i]);
+ if (sscanf(&hex_str[i * 2], "%02hhx", &in6.s6_addr[i]) != 1) {
+ return NULL;
+ }
}
inet_ntop(AF_INET6, &in6, addr, INET6_ADDRSTRLEN);
@@ -2164,6 +2166,10 @@ GuestNetworkRouteList *qmp_guest_network_get_route(Error
**errp)
networkroute = route;
networkroute->iface = g_strdup(Iface);
networkroute->destination = hexToIPAddress(Destination, 1);
+ if (networkroute->destination == NULL) {
+ g_free(route);
+ continue;
+ }
networkroute->metric = Metric;
networkroute->source = hexToIPAddress(Source, 1);
networkroute->desprefixlen = g_strdup_printf(
@@ -2195,6 +2201,10 @@ GuestNetworkRouteList *qmp_guest_network_get_route(Error
**errp)
networkroute = route;
networkroute->iface = g_strdup(Iface);
networkroute->destination = hexToIPAddress(&Destination, 0);
+ if (networkroute->destination == NULL) {
+ g_free(route);
+ continue;
+ }
networkroute->gateway = hexToIPAddress(&Gateway, 0);
networkroute->mask = hexToIPAddress(&Mask, 0);
networkroute->metric = Metric;
--
2.40.1
