FIX static analyzer issue 55/29455/2
authori.metelytsia <i.metelytsia@samsung.com>
Tue, 23 Apr 2019 11:09:10 +0000 (14:09 +0300)
committeri.metelytsia <i.metelytsia@samsung.com>
Tue, 23 Apr 2019 13:26:27 +0000 (16:26 +0300)
    - roleresource.c : sscanf function call has been replaced with strtol

Change-Id: I890548b946a8d27026a85ebd3bbad610d5b39a32
Signed-off-by: i.metelytsia <i.metelytsia@samsung.com>
resource/csdk/security/src/rolesresource.c

index 2d5627c..43086b6 100644 (file)
@@ -30,6 +30,7 @@
 #include <stdint.h>
 #include <stdbool.h>
 #include <inttypes.h>
+#include <errno.h>
 #include "oic_string.h"
 #include "cainterface.h"
 #include "experimental/payload_logging.h"
@@ -940,8 +941,10 @@ static OCEntityHandlerResult HandleDeleteRequest(OCEntityHandlerRequest *ehReque
         if (strncasecmp((const char *)parseIter.attrPos, OIC_JSON_CREDID_NAME,
             parseIter.attrLen) == 0)
         {
-            int ret = sscanf((const char *)parseIter.valPos, "%u", &credId);
-            if (1 > ret)
+            char* endptr = NULL;
+            errno = 0;
+            credId = strtol((const char*)parseIter.valPos, &endptr, 10);
+            if (errno != 0 || !endptr || endptr == (char*)parseIter.valPos || *endptr != '\0')
             {
                 OIC_LOG_V(ERROR, TAG, "credId was not valid: %s", parseIter.valPos);
                 ehRet = OC_EH_ERROR;