This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.17-523-g6ecec3b
- From: schwab at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 11 Apr 2013 08:38:14 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.17-523-g6ecec3b
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 6ecec3b616aeaf121c68c1053cd17fdcf0cdb5a2 (commit)
from 273cdee86d86e107c0eecef5614f57e37567b54e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=6ecec3b616aeaf121c68c1053cd17fdcf0cdb5a2
commit 6ecec3b616aeaf121c68c1053cd17fdcf0cdb5a2
Author: Andreas Schwab <schwab@suse.de>
Date: Mon Jan 14 17:32:20 2013 +0100
Don't accept exp char without preceding digits in scanf float parsing
diff --git a/ChangeLog b/ChangeLog
index 6313627..c64d690 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2013-04-11 Andreas Schwab <schwab@suse.de>
+ [BZ #13988]
+ * stdio-common/vfscanf.c (_IO_vfwscanf): When parsing a float
+ accept exponent character only when digits were seen.
+ * stdio-common/Makefile (tests): Add bug26.
+ * stdio-common/bug26.c: New file.
+
[BZ #14293]
* elf/dl-load.c (_dl_init_paths): Mark decomposed RUNPATH as
non-freeable.
diff --git a/NEWS b/NEWS
index 639b1f0..66efb82 100644
--- a/NEWS
+++ b/NEWS
@@ -9,12 +9,12 @@ Version 2.18
* The following bugs are resolved with this release:
- 10060, 10062, 10357, 11120, 11561, 12723, 13550, 13889, 13951, 14142,
- 14176, 14200, 14293, 14317, 14327, 14478, 14496, 14686, 14812, 14920,
- 14964, 14981, 14982, 14985, 14994, 14996, 15003, 15006, 15020, 15023,
- 15036, 15054, 15055, 15062, 15078, 15160, 15214, 15232, 15234, 15283,
- 15285, 15287, 15304, 15305, 15307, 15309, 15327, 15330, 15335, 15336,
- 15337, 15342, 15346.
+ 10060, 10062, 10357, 11120, 11561, 12723, 13550, 13889, 13951, 13988,
+ 14142, 14176, 14200, 14293, 14317, 14327, 14478, 14496, 14686, 14812,
+ 14920, 14964, 14981, 14982, 14985, 14994, 14996, 15003, 15006, 15020,
+ 15023, 15036, 15054, 15055, 15062, 15078, 15160, 15214, 15232, 15234,
+ 15283, 15285, 15287, 15304, 15305, 15307, 15309, 15327, 15330, 15335,
+ 15336, 15337, 15342, 15346.
* CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
#15078).
diff --git a/stdio-common/Makefile b/stdio-common/Makefile
index f64a8ba..658804b 100644
--- a/stdio-common/Makefile
+++ b/stdio-common/Makefile
@@ -57,7 +57,7 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \
bug19 bug19a tst-popen2 scanf13 scanf14 scanf15 bug20 bug21 bug22 \
scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \
bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \
- bug25 tst-printf-round
+ bug25 tst-printf-round bug26
test-srcs = tst-unbputc tst-printf
diff --git a/stdio-common/bug26.c b/stdio-common/bug26.c
new file mode 100644
index 0000000..a4c6bce
--- /dev/null
+++ b/stdio-common/bug26.c
@@ -0,0 +1,37 @@
+/* Copyright (C) 2013 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <stdio.h>
+#include <string.h>
+
+int
+main (void)
+{
+ FILE *f;
+ int lost = 0;
+ int c;
+ double d;
+ char s[] = "+.e";
+
+ f = fmemopen (s, strlen (s), "r");
+ /* This should fail to parse a float and leave 'e' in the input. */
+ lost |= (fscanf (f, "%f", &d) != 0);
+ c = fgetc (f);
+ lost |= c != 'e';
+ puts (lost ? "Test FAILED!" : "Test succeeded.");
+ return lost;
+}
diff --git a/stdio-common/vfscanf.c b/stdio-common/vfscanf.c
index 9b5c4a9..82f7eee 100644
--- a/stdio-common/vfscanf.c
+++ b/stdio-common/vfscanf.c
@@ -222,7 +222,7 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
/* Errno of last failed inchar call. */
int inchar_errno = 0;
/* Status for reading F-P nums. */
- char got_dot, got_e, negative;
+ char got_digit, got_dot, got_e, negative;
/* If a [...] is a [^...]. */
CHAR_T not_in;
#define exp_char not_in
@@ -1845,7 +1845,7 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
if (__builtin_expect (c == EOF, 0))
input_error ();
- got_dot = got_e = 0;
+ got_digit = got_dot = got_e = 0;
/* Check for a sign. */
if (c == L_('-') || c == L_('+'))
@@ -1971,13 +1971,19 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
while (1)
{
if (ISDIGIT (c))
- ADDW (c);
+ {
+ ADDW (c);
+ got_digit = 1;
+ }
else if (!got_e && (flags & HEXA_FLOAT) && ISXDIGIT (c))
- ADDW (c);
+ {
+ ADDW (c);
+ got_digit = 1;
+ }
else if (got_e && wp[wpsize - 1] == exp_char
&& (c == L_('-') || c == L_('+')))
ADDW (c);
- else if (wpsize > 0 && !got_e
+ else if (got_digit && !got_e
&& (CHAR_T) TOLOWER (c) == exp_char)
{
ADDW (exp_char);
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 +++++
NEWS | 12 +++++-----
stdio-common/Makefile | 2 +-
.../powerpc/sched_getcpu.c => stdio-common/bug26.c | 23 +++++++++++++-------
stdio-common/vfscanf.c | 16 +++++++++----
5 files changed, 39 insertions(+), 20 deletions(-)
copy sysdeps/unix/sysv/linux/powerpc/sched_getcpu.c => stdio-common/bug26.c (68%)
hooks/post-receive
--
GNU C Library master sources