diff options
author | Rich Felker <dalias@aerifal.cx> | 2011-04-25 10:40:25 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2011-04-25 10:40:25 -0400 |
commit | 5efc6af4ebb9d50eb978d0338835544fdfea0396 (patch) | |
tree | 5148e8fc7dddb1dfcac614ca0ccc1c4a5fc0f326 | |
parent | db9915ee97670885f3f2302d8c41ac6c61f2d77e (diff) | |
download | musl-5efc6af4ebb9d50eb978d0338835544fdfea0396.tar.gz |
fix 2 eof-related bugs in scanf
1. failed match of literal chars from the format string would always
return matching failure rather than input failure at eof, leading to
infinite loops in some programs.
2. unread of eof would wrongly adjust the character counts reported by
%n, yielding an off-by-one error.
-rw-r--r-- | src/stdio/__scanf.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/stdio/__scanf.c b/src/stdio/__scanf.c index 185615d3..062327d7 100644 --- a/src/stdio/__scanf.c +++ b/src/stdio/__scanf.c @@ -22,8 +22,7 @@ static int read(rctx_t *r) static void unread(rctx_t *r) { - //if (r->u || r->w < 0) return; - if (r->w < 0) return; + if (r->c < 0 || r->w < 0) return; r->w++; r->u = 1; } @@ -99,7 +98,9 @@ int __scanf(rctx_t *r, const wchar_t *fmt, va_list ap) } else if (*p != '%' || p[1] == '%') { if (*p == '%') p++; r->w = 1; - if (*p++ != read(r)) + if ((c = read(r)) < 0) + goto input_fail; + if (*p++ != c) goto match_fail; continue; } |