From 5e729b21c0a1e14bf64f00cdfcdcfb7cdaff5219 Mon Sep 17 00:00:00 2001
From: midipix <writeonce@midipix.org>
Date: Sun, 12 Nov 2023 00:32:21 +0000
Subject: driver: -version-info suport: strictly verify the version info
 argument.

---
 src/driver/slbt_driver_ctx.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'src/driver/slbt_driver_ctx.c')

diff --git a/src/driver/slbt_driver_ctx.c b/src/driver/slbt_driver_ctx.c
index fe5f19e..e4f18eb 100644
--- a/src/driver/slbt_driver_ctx.c
+++ b/src/driver/slbt_driver_ctx.c
@@ -1216,6 +1216,9 @@ static int slbt_init_version_info(
 	int	current;
 	int	revision;
 	int	age;
+	int	colons;
+	int	fmtcnt;
+	const char * ch;
 
 	if (!verinfo->verinfo && !verinfo->vernumber)
 		return 0;
@@ -1230,9 +1233,21 @@ static int slbt_init_version_info(
 
 	current = revision = age = 0;
 
-	sscanf(verinfo->verinfo,"%d:%d:%d",
+	for (colons=0, ch=verinfo->verinfo; *ch; ch++)
+		if (*ch == ':')
+			colons++;
+
+	fmtcnt = sscanf(verinfo->verinfo,"%d:%d:%d",
 		&current,&revision,&age);
 
+	if (!fmtcnt || (fmtcnt > 3) || (fmtcnt != colons + 1)) {
+		slbt_dprintf(ictx->fdctx.fderr,
+			"%s: error: invalid version info: "
+			"supported argument format is %%d[:%%d[:%%d]].\n",
+			argv_program_name(ictx->cctx.targv[0]));
+		return -1;
+	}
+
 	if (current < age) {
 		if (ictx->cctx.drvflags & SLBT_DRIVER_VERBOSITY_ERRORS)
 			slbt_dprintf(ictx->fdctx.fderr,
-- 
cgit v1.2.3