Date: Mon, 4 Jun 2001 04:31:59 +1000 (EST)
From: Bruce Evans <bde@zeta.org.au>
To: sobomax@FreeBSD.ORG
Cc: current@FreeBSD.ORG, deischen@FreeBSD.ORG
Subject: Re: sscanf(3) is broken in 5-CURRENT [SIGBUS]
Message-ID: <Pine.BSF.4.21.0106040426420.51343-100000@besplex.bde.org>
In-Reply-To: <200106021026.f52AQQo50360@mail.uic-in.net>

On Sat, 2 Jun 2001, Maxim Sobolev wrote:

> It seems that something is wrong with sscanf(3) in -current - in
> some cases it may cause SIGBUS. I failed to reproduce the
> problem on 4-STABLE, so it is a -current specific bug. Attached
> please find small showcase that exposes the bug in question
> and a backtrace after SIGBUS.
>
> Please fix.
>
> -Maxim
>
> #include <stdio.h>
> int
> main()
> {
>     float sub;
>     sscanf("59e", "%f", &sub);
>     exit(0);
> }
>
> (gdb) r
> Starting program: /tmp/bug/a.out
> Program received signal SIGBUS, Bus error.
> 0x280b3ad8 in __ungetc () from /usr/lib/libc.so.5
> (gdb) bt
> #0 0x280b3ad8 in __ungetc () from /usr/lib/libc.so.5
> #1 0x280b36b1 in __svfscanf () from /usr/lib/libc.so.5
> #2 0x280b25a3 in sscanf () from /usr/lib/libc.so.5
> #3 0x80484c0 in main () at bug.c:8
> #4 0x80483f5 in _start ()

This is because fp->_extra is not initialized by sscanf() (it is stack
garbage that happened to be 0 when I looked at it).

Bruce
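
The failure mode described in the reply above, as an added example that is not part of the original message and is not FreeBSD's libc code: a stream object built on the stack and set up field by field leaves a later-added pointer member holding whatever was already there. `struct stream`, `extra` and the 0xA5 poison fill are hypothetical stand-ins for FILE, fp->_extra and stack garbage.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for FILE and fp->_extra; not libc's real layout. */
struct stream_extra { int pushed_back; };
struct stream {
    const unsigned char *p;      /* next byte to read */
    size_t r;                    /* bytes remaining */
    struct stream_extra *extra;  /* models the field sscanf() left unset */
};

/* Constructed "stack garbage": keeps the demo deterministic and defined. */
static void poison(struct stream *s) { memset(s, 0xA5, sizeof *s); }

/* Field-by-field setup that predates `extra`: the new field is never set. */
static void init_fieldwise(struct stream *s, const char *str)
{
    s->p = (const unsigned char *)str;
    s->r = strlen(str);
}

/* Hardened setup: clear the whole object, then attach caller-owned state. */
static void init_zeroed(struct stream *s, struct stream_extra *ext, const char *str)
{
    memset(s, 0, sizeof *s);
    memset(ext, 0, sizeof *ext);
    s->p = (const unsigned char *)str;
    s->r = strlen(str);
    s->extra = ext;
}

/* 1 if s->extra holds exactly `ext`; compared bytewise so a garbage
 * pointer is never dereferenced or loaded as a pointer value. */
static int extra_points_to(const struct stream *s, const struct stream_extra *ext)
{
    return memcmp(&s->extra, &ext, sizeof ext) == 0;
}

int demo(int hardened)
{
    struct stream s;
    struct stream_extra e;
    poison(&s);
    if (hardened) init_zeroed(&s, &e, "59e"); else init_fieldwise(&s, "59e");
    return extra_points_to(&s, &e);
}

int main(void) { printf("fieldwise=%d zeroed=%d\n", demo(0), demo(1)); return 0; }
```

Clearing the whole object before filling it in means a field added to the structure later starts out as zero rather than garbage, which turns a silent wild-pointer dereference into a checkable NULL.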