fix 2 eof-related bugs in scanf
authorRich Felker <dalias@aerifal.cx>
Mon, 25 Apr 2011 14:40:25 +0000 (10:40 -0400)
committerRich Felker <dalias@aerifal.cx>
Mon, 25 Apr 2011 14:40:25 +0000 (10:40 -0400)
1. failed match of literal chars from the format string would always
return matching failure rather than input failure at eof, leading to
infinite loops in some programs.

2. unread of eof would wrongly adjust the character counts reported by
%n, yielding an off-by-one error.

src/stdio/__scanf.c

index 185615d3a5097b8ea3904539825af956ce2dd5ff..062327d75c5851e7b014bb5e03742e19e6ab1409 100644 (file)
@@ -22,8 +22,7 @@ static int read(rctx_t *r)
 
 static void unread(rctx_t *r)
 {
-       //if (r->u || r->w < 0) return;
-       if (r->w < 0) return;
+       if (r->c < 0 || r->w < 0) return;
        r->w++;
        r->u = 1;
 }
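Review bot: The new `r->c < 0` test in unread() has no comment explaining why EOF must not be pushed back, and it silently relies on r->c still holding the result of the most recent read(). A one-line comment above the guard would record the invariant, e.g. `/* EOF consumed no input: pushing it back must not bump r->w, or the %n count is off by one */`. The body of read() is above this hunk, so whether r->c is always refreshed before unread() can run should be confirmed there. The dropped commented-out `r->u` check also suggests that two unread() calls in a row would still increment r->w twice; it is worth confirming that no caller does that.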
@@ -99,7 +98,9 @@ int __scanf(rctx_t *r, const wchar_t *fmt, va_list ap)
                } else if (*p != '%' || p[1] == '%') {
                        if (*p == '%') p++;
                        r->w = 1;
-                       if (*p++ != read(r))
+                       if ((c = read(r)) < 0)
+                               goto input_fail;
+                       if (*p++ != c)
                                goto match_fail;
                        continue;
                }
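Review bot: The split into `goto input_fail` and `goto match_fail` encodes the distinction that scanf callers rely on to terminate at end of input, but nothing at the site says so. A comment before the read would keep a later cleanup from folding the two checks back into one, e.g. `/* EOF here is an input failure, not a mismatch: a caller looping on the return value must be able to see EOF */`. Both labels and the declaration of `c` are outside this hunk. On the mismatch path read(r) has already consumed the character, so it is worth confirming that match_fail pushes it back, since the next directive is expected to see the non-matching character.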