Fix parsing of 0e+0 as float

diff --git a/ChangeLog b/ChangeLog
index b0cab3f778612b871d5a077738b3165c0522fde4..c83db92cd8f8df6ba3b60373be9495f29a742ecd 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2013-10-31  Andreas Schwab  <schwab@suse.de>
+
+       [BZ# 15917]
+       * stdio-common/vfscanf.c (_IO_vfwscanf): Handle leading '0' not
+       followed by 'x' as part of digit sequence.
+       * stdio-common/tst-sscanf.c (double_tests2): New tests.
+
 2013-10-04  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 
        * sysdeps/powerpc/powerpc64/strcpy.S (strcpy): Add word load/store

diff --git a/NEWS b/NEWS
index f0a93464e0b902ec61d8f72c7f044059f4366704..2970338bf8624fd38379fa4387d3199d5d41c955 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -23,7 +23,7 @@ Version 2.18
   15465, 15480, 15485, 15488, 15490, 15492, 15493, 15497, 15506, 15522,
   15529, 15532, 15536, 15553, 15577, 15583, 15618, 15627, 15631, 15654,
   15655, 15666, 15667, 15674, 15711, 15755, 15759, 15797, 15892, 15893,
-  15895, 15988, 16072.
+  15895, 15917, 15988, 16072.
 
 * CVE-2013-2207 Incorrectly granting access to another user's pseudo-terminal
   has been fixed by disabling the use of pt_chown (Bugzilla #15755).

diff --git a/stdio-common/tst-sscanf.c b/stdio-common/tst-sscanf.c
index 1edb22719928fae97bcf7e1c52bcd1d491bef51a..3c34f58a635d5418830b2c49ecc1230360a9bed4 100644 (file)
--- a/stdio-common/tst-sscanf.c
+++ b/stdio-common/tst-sscanf.c
@@ -109,6 +109,19 @@ struct test double_tests[] =
   { L("-inf"), L("%g"), 1 }
 };
 
+struct test2
+{
+  const CHAR *str;
+  const CHAR *fmt;
+  int retval;
+  char residual;
+} double_tests2[] =
+{
+  { L("0e+0"), L("%g%c"), 1, 0 },
+  { L("0xe+0"), L("%g%c"), 2, '+' },
+  { L("0x.e+0"), L("%g%c"), 2, '+' },
+};
+
 int
 main (void)
 {
@@ -196,5 +209,26 @@ main (void)
        }
     }
 
+  for (i = 0; i < sizeof (double_tests2) / sizeof (double_tests2[0]); ++i)
+    {
+      double dummy;
+      int ret;
+      char c = 0;
+
+      if ((ret = SSCANF (double_tests2[i].str, double_tests2[i].fmt,
+                        &dummy, &c)) != double_tests2[i].retval)
+       {
+         printf ("double_tests2[%d] returned %d != %d\n",
+                 i, ret, double_tests2[i].retval);
+         result = 1;
+       }
+      else if (ret == 2 && c != double_tests2[i].residual)
+       {
+         printf ("double_tests2[%d] stopped at '%c' != '%c'\n",
+                 i, c, double_tests2[i].residual);
+         result = 1;
+       }
+    }
+
   return result;
 }

diff --git a/stdio-common/vfscanf.c b/stdio-common/vfscanf.c
index 343056769ebad7fe0a636f3e8eb8cd88b590f41e..093c8b0c5805b82262a4e9680d02d9c277bcee44 100644 (file)
--- a/stdio-common/vfscanf.c
+++ b/stdio-common/vfscanf.c
@@ -1966,6 +1966,8 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
                  if (width > 0)
                    --width;
                }
+             else
+               got_digit = 1;
            }
 
          while (1)