diff options
author | Rich Felker <dalias@aerifal.cx> | 2013-08-31 22:47:44 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2013-08-31 22:47:44 -0400 |
commit | cbb8a6979038f96d3f67c659363cebf0615c42ba (patch) | |
tree | 54a4e0c3d862e3d52a2c2db30ca07be63afce7e4 /src/stdio | |
parent | 35e8621a28db1c34685adbbf1c2229270cbf7236 (diff) | |
download | musl-cbb8a6979038f96d3f67c659363cebf0615c42ba.tar.gz |
avoid crash in scanf when invalid %m format is encountered
invalid format strings invoke undefined behavior, so this is not a
conformance issue, but it's nicer for scanf to report the error safely
instead of calling free on a potentially-uninitialized pointer or a
pointer to memory belonging to the caller.
Diffstat (limited to 'src/stdio')
-rw-r--r-- | src/stdio/vfscanf.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/stdio/vfscanf.c b/src/stdio/vfscanf.c index 68c8e2cf..c0e607f5 100644 --- a/src/stdio/vfscanf.c +++ b/src/stdio/vfscanf.c @@ -118,6 +118,8 @@ int vfscanf(FILE *restrict f, const char *restrict fmt, va_list ap) } if (*p=='m') { + wcs = 0; + s = 0; alloc = !!dest; p++; } else { |