summaryrefslogtreecommitdiffstats
path: root/compiler-rt
diff options
context:
space:
mode:
Diffstat (limited to 'compiler-rt')
-rw-r--r--compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_scanf.inc4
-rw-r--r--compiler-rt/lib/sanitizer_common/tests/sanitizer_scanf_interceptor_test.cc2
2 files changed, 4 insertions, 2 deletions
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_scanf.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_scanf.inc
index 8bb5cd818ac..08752e6a3b8 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_scanf.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_scanf.inc
@@ -278,7 +278,7 @@ static void scanf_common(void *ctx, int n_inputs, bool allowGnuMalloc,
CHECK_GT(n_inputs, 0);
const char *p = format;
- while (*p && n_inputs) {
+ while (*p) {
ScanfDirective dir;
p = scanf_parse_next(p, allowGnuMalloc, &dir);
if (!p)
@@ -301,6 +301,8 @@ static void scanf_common(void *ctx, int n_inputs, bool allowGnuMalloc,
void *argp = va_arg(aq, void *);
if (dir.convSpecifier != 'n')
--n_inputs;
+ if (n_inputs < 0)
+ break;
if (size == SSS_STRLEN) {
size = internal_strlen((const char *)argp) + 1;
}
diff --git a/compiler-rt/lib/sanitizer_common/tests/sanitizer_scanf_interceptor_test.cc b/compiler-rt/lib/sanitizer_common/tests/sanitizer_scanf_interceptor_test.cc
index 1df2bcfd4be..e0354062508 100644
--- a/compiler-rt/lib/sanitizer_common/tests/sanitizer_scanf_interceptor_test.cc
+++ b/compiler-rt/lib/sanitizer_common/tests/sanitizer_scanf_interceptor_test.cc
@@ -169,7 +169,7 @@ TEST(SanitizerCommonInterceptors, Scanf) {
testScanfPartial("%d%d%d%d //3\n", 3, 3, I, I, I);
testScanfPartial("%d%d%d%d //4\n", 4, 4, I, I, I, I);
- testScanfPartial("%d%n%n%d //1\n", 1, 1, I);
+ testScanfPartial("%d%n%n%d //1\n", 1, 3, I, I, I);
testScanfPartial("%d%n%n%d //2\n", 2, 4, I, I, I, I);
testScanfPartial("%d%n%n%d %s %s", 3, 5, I, I, I, I, scanf_buf_size);
OpenPOWER on IntegriCloud