From efa4ecc369d7e643ceb5f25ae99850d889c2ca76 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Sat, 18 Jul 2015 17:19:57 +0000 Subject: check sscanf conversion, fixes Coverity 21666 ok doug@, miod@, guenther@ --- regress/lib/libcrypto/evp/evptest.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'regress') diff --git a/regress/lib/libcrypto/evp/evptest.c b/regress/lib/libcrypto/evp/evptest.c index a71c1fb55ac..bd5da475f1d 100644 --- a/regress/lib/libcrypto/evp/evptest.c +++ b/regress/lib/libcrypto/evp/evptest.c @@ -81,10 +81,14 @@ convert(unsigned char *s) unsigned int n; if (!s[1]) { - fprintf(stderr, "Odd number of hex digits!"); + fprintf(stderr, "Odd number of hex digits!\n"); exit(4); } - sscanf((char *)s, "%2x",&n); + if (sscanf((char *)s, "%2x", &n) != 1) { + fprintf(stderr, "Invalid hex value at %s\n", s); + exit(4); + } + *d = (unsigned char)n; } return s - d; -- cgit v1.2.3