Bug 22672 - Problems with sscanf parsing certain hex-floats
Summary: Problems with sscanf parsing certain hex-floats
Status: RESOLVED DUPLICATE of bug 12701
Alias: None
Product: glibc
Classification: Unclassified
Component: stdio (show other bugs)
Version: 2.26
: P2 enhancement
Target Milestone: ---
Assignee: Not yet assigned to anyone
Depends on:
Reported: 2018-01-04 10:27 UTC by Moritz K.
Modified: 2018-01-04 12:17 UTC (History)
1 user (show)

See Also:
Last reconfirmed:
fweimer: security-

example code, visualizing the behavior from above (155 bytes, text/plain)
2018-01-04 10:27 UTC, Moritz K.

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz K. 2018-01-04 10:27:41 UTC
Created attachment 10712 [details]
example code, visualizing the behavior from above

Assume `d` as a normal double variable.
`sscanf ( "0x", "%lf", &d )`
returns `0` and `d` isn't modified, 'cause the string can't be parsed.
I think that 0x indicates in correspondence with `%lf`, that there seem to be a maybe slightly incomplete hex-float.

But wouldn't it be a better behavior if this statement is correctly parsed into the double `d` with the value `0`, 'cause ignoring the `x` and correctly parsing `0` as well as assuming that `0x` originally means `0x0` is a much more thought-out behavior than just saying "sry, but this can't be parsed, so it's better doing nothing"?
Even though `sscanf ( "0x", "%i", &i )` returns successfully `1` and the integer value `i` is going to have the value `0`. Furthermore e.g. BSD' versions of GCC on MacOS correctly parses the 0x-lf case...

I'm using a x86_64-pc-linux-gnu 4.14.9-Linux to compile the code using GCC-7.2.1 without any significant options (no compiler warnings present).
Comment 1 Florian Weimer 2018-01-04 12:17:34 UTC
This looks like a close match to bug 12701.

*** This bug has been marked as a duplicate of bug 12701 ***