[Bug 61511] scanf man page is incomplete re out-of-range integer conversions - bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r

linux-man.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r@public.gmane.org
To: linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: [Bug 61511] scanf man page is incomplete re out-of-range integer conversions
Date: Sun, 04 Oct 2015 21:09:00 +0000	[thread overview]
Message-ID: <bug-61511-11311-qHKddemFmu@https.bugzilla.kernel.org/> (raw)
In-Reply-To: <bug-61511-11311-3bo0kxnWaOQUvHkbgXJLS5sdmw4N0Rt+2LY78lusg7I@public.gmane.org/>

https://bugzilla.kernel.org/show_bug.cgi?id=61511

Jon Harper <jon.harper87-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jon.harper87-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org

--- Comment #3 from Jon Harper <jon.harper87-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> ---
strtod(3) has the following note:
NOTES
       Since 0 can legitimately be returned on both success and failure, the
calling program should set errno to 0 before the call, and
       then determine if an error occurred by checking whether errno has a
nonzero value after the call.

Maybe add the same note to scanf(3) ?


Also, the example program from scanf(3) is:
           char *p;
           int n;

           errno = 0;
           n = scanf("%m[a-z]", &p);
           if (n == 1) {
               printf("read: %s\n", p);
               free(p);
           } else if (errno != 0) {
               perror("scanf");
           } else {
               fprintf(stderr, "No matching characters\n");
           }

which suggests checking for the return value of scanf before checking for
errno, which is wrong in the integer overflow case as scanf returns 1. Change
the order of the checks ?


Also, for scanf, it doesn't set i to a constant value (adapting the example
program to read an int):
jon@zog:~$ cat dez.c 
#include "stdlib.h"
#include "stdio.h"
#include "errno.h"

int main() {
           int res;
           int n;

           errno = 0;
           n = scanf("%d", &res);
           if (n == 1) {
               printf("read: %d\n", res);
           } else if (errno != 0) {
               perror("scanf");
           } else {
               fprintf(stderr, "No matching characters\n");
           }
}

jon@zog:~$ for ((i=0; i<30; i++)); do echo "$((10**i -1))" | ./dez; done
read: 0
read: 9
read: 99
read: 999
read: 9999
read: 99999
read: 999999
read: 9999999
read: 99999999
read: 999999999
read: 1410065407
read: 1215752191
read: -727379969
read: 1316134911
read: 276447231
read: -1530494977
read: 1874919423
read: 1569325055
read: -1486618625
read: -1981284353
read: 1661992959
read: -559939585
read: -1304428545
read: -159383553
read: -1593835521
read: 1241513983
read: -469762049
read: -402653185
read: 268435455
read: -1610612737

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

     prev parent reply	other threads:[~2015-10-04 21:09 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-09-16 20:04 [Bug 61511] New: scanf man page is misleading re out-of-range integer conversions bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
     [not found] ` <bug-61511-11311-3bo0kxnWaOQUvHkbgXJLS5sdmw4N0Rt+2LY78lusg7I@public.gmane.org/>
2013-09-16 21:20   ` walter harms
2013-09-16 21:27   ` [Bug 61511] " bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
2013-09-16 21:48   ` bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
2013-09-16 21:49   ` [Bug 61511] scanf man page is incomplete " bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
2015-10-04 21:09   ` bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-61511-11311-qHKddemFmu@https.bugzilla.kernel.org/ \
    --to=bugzilla-daemon-590eeb7gvniway/ihj7yzeb+6bgklq7r@public.gmane.org \
    --cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).