From 50fcb4ee771cabbae99bb3150b26484f3e573fab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20E=C3=9Fer?= <se@FreeBSD.org>
Date: Sat, 26 Dec 2020 22:21:49 +0100
Subject: [PATCH] Replace sscanf() by strtoul()

This change has been motivated by a mail from bde sent in 2015 in
which he mentioned inappropriate use of sscanf() in 3 programs in
/bin.

This change removes the potential mismatch of the types of the return
values and the variable width specified in the scan pattern. While
there was no issue with the patterns and types used, the new code is
simpler and more efficient.
---
 bin/stty/gfmt.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/bin/stty/gfmt.c b/bin/stty/gfmt.c
index 055edf880bd6..12ed2a2d3500 100644
--- a/bin/stty/gfmt.c
+++ b/bin/stty/gfmt.c
@@ -39,6 +39,7 @@ __FBSDID("$FreeBSD$");
 
 #include <err.h>
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include "stty.h"
@@ -85,7 +86,7 @@ gread(struct termios *tp, char *s)
 		if (!(ep = strchr(p, '=')))
 			gerr(p);
 		*ep++ = '\0';
-		(void)sscanf(ep, "%lx", (u_long *)&tmp);
+		tmp = strtoul(ep, NULL, 0x10);
 
 #define	CHK(s)	(*p == s[0] && !strcmp(p, s))
 		if (CHK("cflag")) {
@@ -97,7 +98,7 @@ gread(struct termios *tp, char *s)
 			continue;
 		}
 		if (CHK("ispeed")) {
-			(void)sscanf(ep, "%ld", &tmp);
+			tmp = strtoul(ep, NULL, 10);
 			tp->c_ispeed = tmp;
 			continue;
 		}
@@ -110,14 +111,14 @@ gread(struct termios *tp, char *s)
 			continue;
 		}
 		if (CHK("ospeed")) {
-			(void)sscanf(ep, "%ld", &tmp);
+			tmp = strtoul(ep, NULL, 10);
 			tp->c_ospeed = tmp;
 			continue;
 		}
 		for (cp = cchars1; cp->name != NULL; ++cp)
 			if (CHK(cp->name)) {
 				if (cp->sub == VMIN || cp->sub == VTIME)
-					(void)sscanf(ep, "%ld", &tmp);
+					tmp = strtoul(ep, NULL, 10);
 				tp->c_cc[cp->sub] = tmp;
 				break;
 			}