From d4eae6fd286ef05fb7debe0b4216e2b8d424589c Mon Sep 17 00:00:00 2001
From: Harlan Stenn <stenn@ntp.org>
Date: Wed, 27 Jun 2012 23:43:05 -0700
Subject: [PATCH] CID 97193: check return from sscanf() in ntp_config.c

bk: 4febfcf9RhhkQ5-pn318ac01eMuP9w
---
 ChangeLog         | 1 +
 ntpd/ntp_config.c | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 3c624755f..943a40cb0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,4 @@
+* CID 97193: check return from sscanf() in ntp_config.c.
 * CID 709169: check return from open("/dev/null", 0) and friends.
 * CID 709207: Initialize "quality" for ulink_receive.
 (4.2.7p285) 2012/06/18 Released by Harlan Stenn <stenn@ntp.org>
diff --git a/ntpd/ntp_config.c b/ntpd/ntp_config.c
index f731fb9ff..caf6c5603 100644
--- a/ntpd/ntp_config.c
+++ b/ntpd/ntp_config.c
@@ -2709,9 +2709,9 @@ config_nic_rules(
 				*pchSlash = '\0';
 			if (is_ip_address(if_name, AF_UNSPEC, &addr)) {
 				match_type = MATCH_IFADDR;
-				if (pchSlash != NULL) {
-					sscanf(pchSlash + 1, "%d",
-					    &prefixlen);
+				if (pchSlash != NULL	\
+				    && 1 == sscanf(pchSlash + 1, "%d",
+					    &prefixlen)) {
 					addrbits = 8 *
 					    SIZEOF_INADDR(AF(&addr));
 					prefixlen = max(-1, prefixlen);
-- 
2.47.3