16 Commits

Author SHA1 Message Date
Paul Pluzhnikov
5bd80bfe9c CVE-2015-1472: wscanf allocates too little memory
BZ #16618

Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer.  The
implementation now correctly computes the required buffer size when
using malloc.

A regression test was added to tst-sscanf.
2015-02-06 00:34:51 -05:00
Joseph Myers
b168057aaa Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
David S. Miller
195b8165ac Fix tst-sscanf and tst-swscanf on 64-bit.
* stdio-common/tst-sscanf.c (main): Use 'long' for 'dummy' when
	processing int_tests.
2014-02-11 00:37:53 -08:00
Allan McRae
d4697bc93d Update copyright notices with scripts/update-copyrights 2014-01-01 22:00:23 +10:00
Ondřej Bílka
728dab0e13 Do not let scanf("%4p") accept "(nil)". Fixes bug 16055 2013-11-18 12:42:23 +01:00
Andreas Schwab
a4966c6104 Fix parsing of 0e+0 as float 2013-10-31 12:51:03 +01:00
Joseph Myers
568035b787 Update copyright notices with scripts/update-copyrights. 2013-01-02 19:05:09 +00:00
Paul Eggert
59ba27a63a Replace FSF snail mail address with URLs. 2012-02-09 23:18:22 +00:00
Ulrich Drepper
ac2ca0229a * stdio-common/vfscanf.c: Fix problems in width accounting.
* stdio-common/tst-sscanf.c (double_tests): New tests.
	(main): Hook them up.
2007-02-18 19:03:30 +00:00
Ulrich Drepper
821d3e7031 * stdio-common/Makefile (tests): Add tst-swscanf.
* stdio-common/tst-sscanf.c: Make tests usable for swscanf
	testing.
	* stdio-common/tst-swscanf.c: New file.
2007-02-18 09:21:24 +00:00
Ulrich Drepper
f9a06dc1b5 Update.
2004-04-20  Jakub Jelinek  <jakub@redhat.com>

	* sysdeps/unix/sysv/linux/shm_open.c (shm_unlink): Change EPERM into
	EACCES.

2004-04-20  Jakub Jelinek  <jakub@redhat.com>

	* stdio-common/vfscanf.c (_IO_vfscanf): Revert last %% whitespace
	handling change.
	* stdio-common/tst-sscanf.c (int_tests): Adjust.

	* nis/nss-nis.c: Include stdlib.h.

	* sysdeps/sparc/sparc32/dl-machine.h (elf_machine_rela): Shut up a
	warning.
	* sysdeps/sparc/sparc64/memcmp.S (memcmp): Remove BP_SYM () from
	libc_hidden_builtin_def.

2004-04-20  Jim Meyering  <jim@meyering.net>

	* misc/error.c (error_tail): Don't leak upon realloc failure.

2004-04-20  Martin Schwidefsky  <schwidefsky@de.ibm.com>

	* sysdeps/unix/sysv/linux/dl-execstack.c (_dl_make_stack_executable):
	Use RETURN_ADDRESS instead of __builtin_return_address.
2004-04-20 18:58:56 +00:00
Ulrich Drepper
d3b5202891 Update.
2004-04-20  Jakub Jelinek  <jakub@redhat.com>
	* stdio-common/vfscanf.c (_IO_vfscanf): When skipping whitespace,
	do input_error () instead of conv_error () and don't look at errno.
	Don't eat any whitespace before %% if skip_space == 0.
	* stdio-common/tst-sscanf.c (int_tests): New array.
	(main): Run int_tests.
See ChangeLog.14 for earlier changes.
2004-04-20 04:28:00 +00:00
Roland McGrath
3021e36d98 * stdio-common/tst-sscanf.c (val_double): Append .0 to large whole
number literals, so they are doubles instead of ints.
2002-10-11 10:55:33 +00:00
Andreas Jaeger
41bdb6e20c Update to LGPL v2.1.
2001-07-06  Paul Eggert  <eggert@twinsun.com>

	* manual/argp.texi: Remove ignored LGPL copyright notice; it's
	not appropriate for documentation anyway.
	* manual/libc-texinfo.sh: "Library General Public License" ->
	"Lesser General Public License".

2001-07-06  Andreas Jaeger  <aj@suse.de>

	* All files under GPL/LGPL version 2: Place under LGPL version
	2.1.
2001-07-06 04:58:11 +00:00
Andreas Jaeger
bf4de8f367 * malloc/memusagestat.c (main): Use return instead of exit to
avoid warning. 
* io/pwd.c (main): Likewise. 
* iconvdata/tst-table-from.c (main): Likewise. 
* ctype/test_ctype.c (main): Likewise. 
* setjmp/tst-setjmp.c (main): Likewise. 
* signal/tst-signal.c (main): Likewise. 
* stdlib/tst-strtol.c (main): Likewise. 
* stdlib/tst-strtod.c (main): Likewise. 
* stdlib/tst-strtoll.c (main): Likewise. 
* stdlib/tst-xpg-basename.c (main): Likewise. 
* dirent/tst-seekdir.c (main): Likewise. 
* grp/testgrp.c (main): Likewise. 
* inet/test_ifindex.c (main): Likewise. 
* io/test-utime.c (main): Likewise. 
* posix/test-vfork.c (main): Likewise. 
* posix/testfnm.c (main): Likewise. 
* stdio-common/temptest.c (main): Likewise. 
* stdio-common/test_rdwr.c (main): Likewise. 
* stdio-common/tst-fileno.c (main): Likewise. 
* stdio-common/tst-sscanf.c (main): Likewise. 
* stdio-common/tstscanf.c (main): Likewise. 
* string/bug-strncat1.c (main): Likewise. 
* string/bug-strpbrk1.c (main): Likewise. 
* string/bug-strspn1.c (main): Likewise. 
* string/test-ffs.c (main): Likewise. 
* string/tst-inlcall.c (main): Likewise. 
* string/tst-svc.c (main): Likewise. 
* timezone/test-tz.c (main): Likewise. 
* wctype/test_wcfuncs.c (main): Likewise. 
* wctype/test_wctype.c (main): Likewise.
	* stdlib/tst-random.c: Add attribute noreturn to fail.
2000-12-31 10:52:32 +00:00
Ulrich Drepper
eac4282fa6 Update.
2000-07-27  Jakub Jelinek  <jakub@redhat.com>

	* locale/indigits.h (indigit_value): Correct.
	* locale/indigitswc.h (indigitwc_value): Correct.
	* stdio-common/vfscanf.c (__vfscanf): Fix I18N number
	conversion, add GROUP checking for it, fix GROUP number
	conversion with strlen(thousands) > 1.
	Honour width correctly in the presence of floating
	decimal points and thousands separators.
	* stdio-common/tst-sscanf.c: New test.
	* stdio-common/Makefile: Add it to tests.
	* sysdeps/generic/strtol.c (strtol): Fix conversion if there are
	thousands separators and group argument is non-zero.

	Reported by Andi Kleen <ak@suse.de>.
2000-07-28 17:45:15 +00:00