From patchwork Thu Jun  5 17:58:35 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Maciej W. Rozycki" <macro@orcam.me.uk>
X-Patchwork-Id: 113751
Return-Path: <libc-alpha-bounces~patchwork=sourceware.org@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id A169F3856DFA
	for <patchwork@sourceware.org>; Thu,  5 Jun 2025 18:01:15 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A169F3856DFA
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from angie.orcam.me.uk (angie.orcam.me.uk [IPv6:2001:4190:8020::34])
 by sourceware.org (Postfix) with ESMTP id 7D7E33857C6E
 for <libc-alpha@sourceware.org>; Thu,  5 Jun 2025 17:58:37 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7D7E33857C6E
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=orcam.me.uk
Authentication-Results: sourceware.org; spf=none smtp.mailfrom=orcam.me.uk
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 7D7E33857C6E
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2001:4190:8020::34
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1749146317; cv=none;
 b=d00/hdsLB3dL706u8bgpUwwYFa2Gvm7RK6oxqAMVd5XSYuhCRFXy3BOsWzn6QIAoZb7w56hUiAhdEunzTBE1bML3vQqDgoD+c2j+Uac7WM1v2vcRRwKEeZrpJ6eJkW124l0CG/wvc2jDvDzjSOmJptLvdCjfuHco1n5JM7UAMLY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1749146317; c=relaxed/simple;
 bh=E7zVdtCesQaK4RIfxG6yo3dWhrmASujeGC3fQapaQGg=;
 h=Date:From:To:Subject:Message-ID:MIME-Version;
 b=GeZbluu12ALjU0mOMthMu3by1veNgY+qyE4ER2EOQoc54SU6a71O4/TrNOkiB3tvOAScsOGTAejHbKJUCHfj52PHw/XOFroFP/UW3fRxQfaqYbrp8o3HYAO2Fvr/daTqG6fhRyEq8Euc5QKabzyiHhJNX97F3gG8P9gojhYftPc=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by angie.orcam.me.uk (Postfix, from userid 500)
 id DBBD292009E; Thu,  5 Jun 2025 19:58:35 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by angie.orcam.me.uk (Postfix) with ESMTP id D57C492009B;
 Thu,  5 Jun 2025 18:58:35 +0100 (BST)
Date: Thu, 5 Jun 2025 18:58:35 +0100 (BST)
From: "Maciej W. Rozycki" <macro@orcam.me.uk>
To: libc-alpha@sourceware.org
cc: "Maciej W. Rozycki" <macro@redhat.com>
Subject: [PATCH v2 02/14] stdio-common: Reject significands w/o digits in
 scanf [BZ #12701]
In-Reply-To: <alpine.DEB.2.21.2506051049250.1790@angie.orcam.me.uk>
Message-ID: <alpine.DEB.2.21.2506051531290.1790@angie.orcam.me.uk>
References: <alpine.DEB.2.21.2506051049250.1790@angie.orcam.me.uk>
User-Agent: Alpine 2.21 (DEB 202 2017-01-01)
MIME-Version: 1.0
X-Spam-Status: No, score=-3487.3 required=5.0 tests=BAYES_00,
 KAM_DMARC_STATUS,
 KAM_INFOUSMEBIZ, KAM_LAZY_DOMAIN_SECURITY, SPF_HELO_NONE, SPF_NONE,
 TXREP autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Reply-To: "Maciej W. Rozycki" <macro@redhat.com>
Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org

From: Maciej W. Rozycki <macro@redhat.com>

Reject invalid formatted scanf real input data the significand part of 
which is comprised of a hexadecimal prefix followed by a decimal point 
only, optionally preceded by a sign.  Such data is a prefix of, but not 
a matching input sequence and it is required by ISO C to cause a 
matching failure.

Currently a matching success is instead incorrectly produced along with 
the conversion result of zero, with data up to and including the decimal 
point consumed from input.

Technically this change also causes lone . to be rejected early, though 
it doesn't change semantics, because unlike 0x. it's not valid input to 
'strtod', etc. so it gets rejected at actual conversion time later on 
anyway.

Test cases follow as separate changes.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
---
No change from v1.
---
 stdio-common/vfscanf-internal.c |   10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

glibc-scanf-bz12701-real-nodigit.diff

Index: glibc/stdio-common/vfscanf-internal.c
===================================================================
--- glibc.orig/stdio-common/vfscanf-internal.c
+++ glibc/stdio-common/vfscanf-internal.c
@@ -2561,15 +2561,15 @@ __vfscanf_internal (FILE *s, const char
 	      goto errout;
 	    }
 
-	  /* Have we read any character?  If we try to read a number
-	     in hexadecimal notation and we have read only the `0x'
-	     prefix this is an error.  Also it is an error where we
-	     have read no digits after the exponent character.  */
+	  /* Have we read any character?  If we try to read a number in
+	     hexadecimal notation and we have read only the `0x' prefix,
+	     this is an error.  Also it is an error where we have read
+	     no digits (before or after the exponent character).  */
 	  if (__glibc_unlikely (char_buffer_size (&charbuf) == got_sign
 				|| ((flags & HEXA_FLOAT)
 				    && (char_buffer_size (&charbuf)
 					== 2 + got_sign)))
-				|| (got_e && !got_digit))
+				|| !got_digit)
 	    conv_error ();
 
 	scan_float: