This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/13138] scanf crashes on very long numbers
- From: "bugdal at aerifal dot cx" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Sat, 03 Sep 2011 05:08:56 +0000
- Subject: [Bug libc/13138] scanf crashes on very long numbers
- Auto-submitted: auto-generated
- References: <bug-13138-131@http.sourceware.org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=13138
Rich Felker <bugdal at aerifal dot cx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bugdal at aerifal dot cx
--- Comment #3 from Rich Felker <bugdal at aerifal dot cx> 2011-09-03 05:08:56 UTC ---
POSIX uses the more-clear language "or if the result of the conversion cannot
be represented in the space provided" rather than "... in the object". In
either case, I believe this is referring to string conversions that overflow
the destination buffer, not numeric conversions. I can't find any language
regarding what happens when a numeric value is outside the range of the type,
but the expected form is specified in terms of strtol, etc., so it would not be
unreasonable to expect scanf to behave the same as these functions.
By the way, can the bug be reproduced with a huge string of zeros? If so, the
numeric overflow issue is irrelevant and the behavior is definitely
well-defined by the standard.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.