From patchwork Fri Sep 23 01:50:28 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gabriel F T Gomes X-Patchwork-Id: 15945 X-Patchwork-Delegate: fweimer@redhat.com Received: (qmail 69424 invoked by alias); 23 Sep 2016 01:50:37 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 68310 invoked by uid 89); 23 Sep 2016 01:50:37 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.6 required=5.0 tests=BAYES_00, KAM_LAZY_DOMAIN_SECURITY, RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=strfrom, printfparseh, gftglinuxvnetibmcom, UCHAR_T X-HELO: mx0a-001b2d01.pphosted.com From: "Gabriel F. T. Gomes" To: libc-alpha@sourceware.org Cc: joseph@codesourcery.com Subject: [PATCH] Use read_int in vfscanf Date: Thu, 22 Sep 2016 22:50:28 -0300 X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 16092301-0020-0000-0000-00000247082C X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 16092301-0021-0000-0000-000030447CE5 Message-Id: <1474595428-20601-1-git-send-email-gftg@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-09-22_11:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1609020000 definitions=main-1609230028 Joseph, while working on your suggestion for strfrom, I noticed that vfscanf does not use read_int. Is there a reason for it, or is the following patch OK for master? Tested on ppc64le, x86_64. ---8<--- The function read_int, from printf-parse.h, parses an integer from a string while avoiding overflows. It is used by other functions, such as vfprintf, to avoid undefined behavior. The function vfscanf (_IO_vfwscanf) parses an integer from the format string, and can use read_int. 2016-09-22 Gabriel F. T. Gomes * stdio-common/vfscanf.c (_IO_vfwscanf): Use read_int to parse integer from the format string. --- stdio-common/vfscanf.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/stdio-common/vfscanf.c b/stdio-common/vfscanf.c index fe3677b..7caa96f 100644 --- a/stdio-common/vfscanf.c +++ b/stdio-common/vfscanf.c @@ -133,6 +133,8 @@ # define WINT_T int #endif +#include "printf-parse.h" /* Use read_int. */ + #define encode_error() do { \ errval = 4; \ __set_errno (EILSEQ); \ @@ -488,9 +490,7 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr, /* Check for a positional parameter specification. */ if (ISDIGIT ((UCHAR_T) *f)) { - argpos = (UCHAR_T) *f++ - L_('0'); - while (ISDIGIT ((UCHAR_T) *f)) - argpos = argpos * 10 + ((UCHAR_T) *f++ - L_('0')); + argpos = read_int ((const UCHAR_T **) &f); if (*f == L_('$')) ++f; else @@ -525,11 +525,8 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr, /* Find the maximum field width. */ width = 0; - while (ISDIGIT ((UCHAR_T) *f)) - { - width *= 10; - width += (UCHAR_T) *f++ - L_('0'); - } + if (ISDIGIT ((UCHAR_T) *f)) + width = read_int ((const UCHAR_T **) &f); got_width: if (width == 0) width = -1;