bundle-uri: avoid using undefined output of `sscanf()`
authorJohannes Schindelin <johannes.schindelin@gmx.de>
Thu, 15 May 2025 13:11:48 +0000 (13:11 +0000)
committerJunio C Hamano <gitster@pobox.com>
Thu, 15 May 2025 20:46:48 +0000 (13:46 -0700)
In c429bed102 (bundle-uri: store fetch.bundleCreationToken, 2023-01-31)
code was introduced that assumes that an `sscanf()` call leaves its
output variables unchanged unless the return value indicates success.

However, the POSIX documentation makes no such guarantee:
https://pubs.opengroup.org/onlinepubs/9699919799/functions/sscanf.html

So let's make sure that the output variable `maxCreationToken` is
always well-defined.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
bundle-uri.c

index 96d2ba726d9909ea1a5a5934dc9835aded3e4c67..13a42f92387ea5b46e3aefabc6fffc277a8138ef 100644 (file)
@@ -532,11 +532,13 @@ static int fetch_bundles_by_token(struct repository *r,
         */
        if (!repo_config_get_value(r,
                                   "fetch.bundlecreationtoken",
-                                  &creationTokenStr) &&
-           sscanf(creationTokenStr, "%"PRIu64, &maxCreationToken) == 1 &&
-           bundles.items[0]->creationToken <= maxCreationToken) {
-               free(bundles.items);
-               return 0;
+                                  &creationTokenStr)) {
+               if (sscanf(creationTokenStr, "%"PRIu64, &maxCreationToken) != 1)
+                       maxCreationToken = 0;
+               if (bundles.items[0]->creationToken <= maxCreationToken) {
+                       free(bundles.items);
+                       return 0;
+               }
        }
 
        /*
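Review bot: The `sscanf(creationTokenStr, "%"PRIu64, &maxCreationToken)` call in the new inner `if` still accepts some malformed `fetch.bundlecreationtoken` values as valid tokens, because the conversion skips leading whitespace, allows a sign and stops at trailing garbage. A value such as `-1` would typically convert to the largest 64-bit token, so the `<=` comparison would succeed and the early `return 0` would skip the bundle list. A number too large for the type is undefined behaviour in the scanf family, and the `!= 1` fallback cannot detect it. Parsing with `strtoumax()` and checking the first character, the end pointer and `errno` would let the fallback to 0 cover these cases as well. fetch_bundles_by_token starts and ends outside the hunk, so the declarations of `maxCreationToken` and `creationTokenStr` are assumed rather than visible.

```c
		/* … unchanged: repo_config_get_value() lookup of fetch.bundlecreationtoken … */
		char *end;
		uintmax_t parsed;

		/* Only a plain decimal number that fits counts; anything else means "no token". */
		errno = 0;
		parsed = strtoumax(creationTokenStr, &end, 10);
		if (!isdigit((unsigned char)*creationTokenStr) || *end ||
		    errno == ERANGE || parsed > UINT64_MAX)
			maxCreationToken = 0;
		else
			maxCreationToken = parsed;
		/* … unchanged: creationToken comparison and early return … */
```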