From cbb8a6979038f96d3f67c659363cebf0615c42ba Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Sat, 31 Aug 2013 22:47:44 -0400 Subject: [PATCH] avoid crash in scanf when invalid %m format is encountered invalid format strings invoke undefined behavior, so this is not a conformance issue, but it's nicer for scanf to report the error safely instead of calling free on a potentially-uninitialized pointer or a pointer to memory belonging to the caller. --- src/stdio/vfscanf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/stdio/vfscanf.c b/src/stdio/vfscanf.c index 68c8e2cf..c0e607f5 100644 --- a/src/stdio/vfscanf.c +++ b/src/stdio/vfscanf.c @@ -118,6 +118,8 @@ int vfscanf(FILE *restrict f, const char *restrict fmt, va_list ap) } if (*p=='m') { + wcs = 0; + s = 0; alloc = !!dest; p++; } else { -- 2.25.1