From 6720da3b887043ee7ddf6c2abe304e2f898071f9 Mon Sep 17 00:00:00 2001
From: Mingjie Shen <shen497@purdue.edu>
Date: Sat, 23 Mar 2024 22:26:43 -0400
Subject: [PATCH] Check return values of sscanf()

Failing to check that a call to 'sscanf' actually writes to an output
variable can lead to unexpected behavior at reading time.
---
 src/options.c | 6 +++++-
 src/rs485.c   | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/options.c b/src/options.c
index 6fd673d..88e2379 100644
--- a/src/options.c
+++ b/src/options.c
@@ -163,7 +163,11 @@ void line_pulse_duration_option_parse(const char *arg)
         {
             char keyname[11];
             unsigned int value;
-            sscanf(token, "%10[^=]=%d", keyname, &value);
+
+            if (sscanf(token, "%10[^=]=%d", keyname, &value) != 2)
+            {
+                token_found = false;
+            }
 
             if (!strcmp(keyname, "DTR"))
             {
diff --git a/src/rs485.c b/src/rs485.c
index e364b13..ee84b60 100644
--- a/src/rs485.c
+++ b/src/rs485.c
@@ -57,7 +57,11 @@ void rs485_parse_config(const char *arg)
         {
             char keyname[31];
             unsigned int value;
-            sscanf(token, "%30[^=]=%d", keyname, &value);
+
+            if (sscanf(token, "%30[^=]=%d", keyname, &value) != 2)
+            {
+                token_found = false;
+            }
 
             if (!strcmp(keyname, "RTS_ON_SEND"))
             {