Red Hat Bugzilla – Bug 53940
scanf(3) doesn't seem to handle %n properly
Last modified: 2016-11-24 09:47:37 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.2.19 i686)
Description of problem:
If scanf() reads no symbols, it ignores %n
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Compile the test program (attached)
2. run it
Actual Results: 10 3
Expected Results: 0 3
Not shure that it is a bug, but I have one program that crashes due
to this strange behavior.
Created attachment 32418 [details]
simple test program for scanf()
It is a bug, but not in glibc, but in the program you have.
In first sscanf, you get matching failure already before the %n directive,
so it is not assigned. See e.g. ISO C99, or
You really have to check *scanf return value first before assuming which
arguments were assigned to.