diff --git a/local.c b/local.c index 36b6b76d1..996ad7f10 100644 --- a/local.c +++ b/local.c @@ -1221,9 +1221,16 @@ static int handle_protected_scan_element_attr(struct iio_channel *chn, if (!strcmp(name, "index")) { ret = local_read_dev_attr(dev, path, buf, sizeof(buf), false); - if (ret > 0) - chn->index = atol(buf); + if (ret > 0) { + char *end; + long long value; + + value = strtoll(buf, &end, 0); + if (end == buf || value < 0 || value > LONG_MAX) + return -EINVAL; + chn->index = (long) value; + } } else if (!strcmp(name, "type")) { ret = local_read_dev_attr(dev, path, buf, sizeof(buf), false); if (ret > 0) { @@ -1917,16 +1924,21 @@ static const struct iio_backend_ops local_ops = { static void init_data_scale(struct iio_channel *chn) { - char buf[1024]; + char *end, buf[1024]; ssize_t ret; + float value; + chn->format.with_scale = false; ret = iio_channel_attr_read(chn, "scale", buf, sizeof(buf)); - if (ret < 0) { - chn->format.with_scale = false; - } else { - chn->format.with_scale = true; - chn->format.scale = atof(buf); - } + if (ret < 0) + return; + + value = strtof(buf, &end); + if (end == buf) + return; + + chn->format.with_scale = true; + chn->format.scale = value; } static void init_scan_elements(struct iio_context *ctx) diff --git a/xml.c b/xml.c index 607d7812f..bb0872a49 100644 --- a/xml.c +++ b/xml.c @@ -139,7 +139,13 @@ static void setup_scan_element(struct iio_channel *chn, xmlNode *n) const char *name = (const char *) attr->name, *content = (const char *) attr->children->content; if (!strcmp(name, "index")) { - chn->index = atol(content); + char *end; + long long value; + + value = strtoll(content, &end, 0); + if (end == content || value < 0 || value > LONG_MAX) + return; + chn->index = (long) value; } else if (!strcmp(name, "format")) { char e, s; if (strchr(content, 'X')) { @@ -170,8 +176,17 @@ static void setup_scan_element(struct iio_channel *chn, xmlNode *n) chn->format.is_fully_defined = (s == 'S' || s == 'U' || chn->format.bits == chn->format.length); } else if (!strcmp(name, "scale")) { + char *end; + float value; + + value = strtof(content, &end); + if (end == content) { + chn->format.with_scale = false; + return; + } + chn->format.with_scale = true; - chn->format.scale = atof(content); + chn->format.scale = value; } else { IIO_WARNING("Unknown attribute \'%s\' in \n", name);