[Dovecot] dovecot patch: do scanf correctly
As far as I can tell, there are two places in which dovecot does not use scanf properly. This patch should fix that. -------------------------------------------------------------------------------- diff -r 8a3d0426f514 src/lib-dns/dns-lookup.c --- a/src/lib-dns/dns-lookup.c Sat Nov 23 23:22:09 2013 +0000 +++ b/src/lib-dns/dns-lookup.c Sun Nov 24 06:30:12 2013 +0100 @@ -102,7 +102,7 @@ } /* first line: <ret> <ip count> */ if (sscanf(line, "%d %u", &result->ret, - &result->ips_count) == 0) + &result->ips_count) != 2) return -1; if (result->ret != 0) { result->error = net_gethosterror(result->ret); diff -r 8a3d0426f514 src/lib-settings/settings.c --- a/src/lib-settings/settings.c Sat Nov 23 23:22:09 2013 +0000 +++ b/src/lib-settings/settings.c Sun Nov 24 06:30:12 2013 +0100 @@ -44,7 +44,7 @@ { int num; - if (!sscanf(value, "%i", &num) || num < 0) + if (sscanf(value, "%i", &num) != 1 || num < 0) return t_strconcat("Invalid number: ", value, NULL); *result = num; return NULL; -------------------------------------------------------------------------------- Specifically, both invocations disregard that sscanf("", "%d", &num) and similar make sscanf return EOF (-1 on my system) and the first invocation also does not account for the case that the second argument is not matched.
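Review bot: In the src/lib-dns/dns-lookup.c hunk, requiring both fields changes what happens to a reply that carries a non-zero <ret> but no <ip count>: it now takes the bare `return -1` path and never reaches the `result->ret != 0` branch that fills `result->error` from net_gethosterror(). Please confirm the sender always writes both fields on the first line, as the comment `<ret> <ip count>` says, including for failed lookups. It would also help to set `result->error` before `return -1` so a malformed first line is distinguishable from other failures. Separately, `%u` accepts a leading minus sign and wraps the value, so `ips_count` should get a range check before it is used, if it does not already have one outside the visible lines.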
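Review bot: In the src/lib-settings/settings.c hunk, `sscanf(value, "%i", &num) != 1` still accepts input with trailing characters, because sscanf stops at the first byte that does not fit the conversion and still reports one match, so a value such as "10abc" passes as 10. `%i` also interprets a leading `0` as octal and `0x` as hexadecimal, and the behaviour of sscanf on a value that does not fit in an int is undefined. If the intent is "a non-negative decimal number and nothing else", consider parsing with strtol(), checking errno and that the end pointer reached the terminating NUL, and then range-checking before the assignment to `*result`.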
participants (1)
- Jann Horn
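The return-value cases the message describes, as an added example that is not part of the original post or of Dovecot's code. The function names, the sentinel value 7777 and the sample inputs are constructed for illustration; only the four sscanf conditions are taken from the patch.

```c
#include <stdio.h>

/* Pre-patch dns-lookup.c condition: only a return value of 0 is a failure. */
static int reply_old(const char *line, int *ret, unsigned int *ips_count)
{
	return sscanf(line, "%d %u", ret, ips_count) == 0 ? -1 : 0;
}

/* Patched condition: both fields must have been converted. */
static int reply_new(const char *line, int *ret, unsigned int *ips_count)
{
	return sscanf(line, "%d %u", ret, ips_count) != 2 ? -1 : 0;
}

/* Pre-patch settings.c condition: !EOF evaluates to 0, so EOF is not rejected. */
static int number_old(const char *value, int *num)
{
	return (!sscanf(value, "%i", num) || *num < 0) ? -1 : 0;
}

/* Patched condition: exactly one conversion, and the value is non-negative. */
static int number_new(const char *value, int *num)
{
	return (sscanf(value, "%i", num) != 1 || *num < 0) ? -1 : 0;
}

int main(void)
{
	/* Constructed inputs: empty, one field only, non-numeric, well-formed. */
	const char *in[] = { "", "0", "x", "0 2" };

	for (size_t i = 0; i < sizeof(in) / sizeof(in[0]); i++) {
		/* Sentinels make it visible when sscanf never wrote an output. */
		int ret = 7777, num = 7777;
		unsigned int cnt = 7777;
		int o = reply_old(in[i], &ret, &cnt);

		printf("reply  \"%s\": old=%d ret=%d count=%u", in[i], o, ret, cnt);
		printf(" new=%d\n", reply_new(in[i], &ret, &cnt));
		o = number_old(in[i], &num);
		printf("number \"%s\": old=%d num=%d", in[i], o, num);
		printf(" new=%d\n", number_new(in[i], &num));
	}
	return 0;
}
```

In the rows where the old check returns 0 while a sentinel is still in place, the caller would go on to use a value that sscanf never assigned.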