解决 cppcheck sscanf() without field width limits can crash with huge input data.

该问题是cppcheck检测出使用sscanf函数时，开发人员未对匹配的字符串做长度限制导致的

举个栗子

#include <stdio.h>

int main()
{
    char ip[16] = {0};
    char name[32] = {0};
    char tel[12] = {0};
    char detail[400] = "172.16.117.121-Primeprime-18888888888";
    sscanf(detail, "%[^-]-%[^-]-%s", ip, name, tel);
    printf("ip:%s\tname:%s\ttel:%s\n", ip, name, tel);
    return 0;
}

使用cppcheck检查时会报错

(warning)sscanf() without field width limits can crash with huge input data.

解决办法

使用sscanf时在匹配规则里添加长度限制

将 sscanf(detail, "%[^-]-%[^-]-%s", ip, name, tel);

改为 sscanf(detail, "%15[^-]-%31[^-]-%11s", ip, name, tel);

#include <stdio.h>

int main()
{
    char ip[16] = {0};
    char name[32] = {0};
    char tel[12] = {0};
    char detail[400] = "172.16.117.121-Primeprime-18888888888";
    sscanf(detail, "%15[^-]-%31[^-]-%11s", ip, name, tel);
    printf("ip:%s\tname:%s\ttel:%s\n", ip, name, tel);
    return 0;
}

修改后使用cppcheck检查，没有warning了