From: Andreas Schwab <schwab@suse.de>
Date: Thu, 31 Oct 2013 11:51:03 +0000 (+0100)
Subject: Fix parsing of 0e+0 as float
X-Git-Tag: glibc-2.19~555
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a4966c6104918ac884ee1131a4ed23c5ad6b4c5a;p=thirdparty%2Fglibc.git

Fix parsing of 0e+0 as float
---

diff --git a/ChangeLog b/ChangeLog
index 56736937f1d..4b71c4a5f1f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2013-10-31  Andreas Schwab  <schwab@suse.de>
+
+	[BZ# 15917]
+	* stdio-common/vfscanf.c (_IO_vfwscanf): Handle leading '0' not
+	followed by 'x' as part of digit sequence.
+	* stdio-common/tst-sscanf.c (double_tests2): New tests.
+
 2013-10-31  Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
 
 	[BZ #16037]
diff --git a/NEWS b/NEWS
index e3330fcf6b7..d24511981d6 100644
--- a/NEWS
+++ b/NEWS
@@ -15,8 +15,9 @@ Version 2.19
   15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748, 15749,
   15754, 15760, 15764, 15797, 15799, 15825, 15844, 15847, 15849, 15855,
   15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895,
-  15897, 15905, 15909, 15919, 15921, 15923, 15939, 15948, 15963, 15966,
-  15988, 16032, 16034, 16036, 16037, 16041, 16071, 16072, 16074, 16078.
+  15897, 15905, 15909, 15917, 15919, 15921, 15923, 15939, 15948, 15963,
+  15966, 15988, 16032, 16034, 16036, 16037, 16041, 16071, 16072, 16074,
+  16078.
 
 * CVE-2012-4412 The strcoll implementation caches indices and rules for
   large collation sequences to optimize multiple passes.  This cache
diff --git a/stdio-common/tst-sscanf.c b/stdio-common/tst-sscanf.c
index 1edb2271992..3c34f58a635 100644
--- a/stdio-common/tst-sscanf.c
+++ b/stdio-common/tst-sscanf.c
@@ -109,6 +109,19 @@ struct test double_tests[] =
   { L("-inf"), L("%g"), 1 }
 };
 
+struct test2
+{
+  const CHAR *str;
+  const CHAR *fmt;
+  int retval;
+  char residual;
+} double_tests2[] =
+{
+  { L("0e+0"), L("%g%c"), 1, 0 },
+  { L("0xe+0"), L("%g%c"), 2, '+' },
+  { L("0x.e+0"), L("%g%c"), 2, '+' },
+};
+
 int
 main (void)
 {
@@ -196,5 +209,26 @@ main (void)
 	}
     }
 
+  for (i = 0; i < sizeof (double_tests2) / sizeof (double_tests2[0]); ++i)
+    {
+      double dummy;
+      int ret;
+      char c = 0;
+
+      if ((ret = SSCANF (double_tests2[i].str, double_tests2[i].fmt,
+			 &dummy, &c)) != double_tests2[i].retval)
+	{
+	  printf ("double_tests2[%d] returned %d != %d\n",
+		  i, ret, double_tests2[i].retval);
+	  result = 1;
+	}
+      else if (ret == 2 && c != double_tests2[i].residual)
+	{
+	  printf ("double_tests2[%d] stopped at '%c' != '%c'\n",
+		  i, c, double_tests2[i].residual);
+	  result = 1;
+	}
+    }
+
   return result;
 }
diff --git a/stdio-common/vfscanf.c b/stdio-common/vfscanf.c
index 78dc2fcfe54..e6fa8f372be 100644
--- a/stdio-common/vfscanf.c
+++ b/stdio-common/vfscanf.c
@@ -1966,6 +1966,8 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
 		  if (width > 0)
 		    --width;
 		}
+	      else
+		got_digit = 1;
 	    }
 
 	  while (1)