On Mon May 8 2023 23:18:45 deloptes via tde-devels wrote:
> Mike Bird via tde-devels wrote:
> > %as is looking for a float so let's ignore that.
>
> I found out %as means do not store (strip) the terminator \0.
Do you have a man page for that? The test code is not written
to handle non-terminated strings. How would it know the lengths?
> > If we switch back to %s it's looking for a string which would be
> > great except no memory has been allocated for the strings.
> >
> > The attached works with both gcc and clang but the important thing
> > to remember is NEVER NEVER NEVER use scanf or any variant thereof.
>
> What do you mean it works with gcc? I have debian with gcc-10 and it does
> following:
My test.c attached to my previous email - sorry I should have chosen a
different name to avoid confusion - works with gcc-10 and clang-11 in
Debian 11.7 Bullseye.
> $ ./test
> String: interpreter usb 0x04b8
> 0x0142 /usr/lib/esci/libesci-interpreter-perfection-v330
> /usr/share/esci/esfwad.bin vendor 4b8
> product 142
> library (null)
> firmware (null)
>
> > https://dwheeler.com/secure-programs/Secure-Programs-HOWTO/dangers-c.html
>
> I am not the owner of this code. It was working for the past 6y and as
> reported when compiled last year in Buster it works as well, but now
> compiled in Bullseye is not working.
> For me it is not the matter of using it or not, but a change somewhere
> either in gcc (Buster was using gcc-8) or in the libraries.
>
> Also regarding the memory allocated. You are right. It is working if I
> allocate memory and use %s instead of %as.
> Why, oh, why?!
>
> Is there some kind of flag or option for the compiler?
%a currently means floating point.
%as used to be a non-standard and incompatible way of asking for
memory to be assigned for the strings but it won't work unless you
use special flags. The standards-compliant way to assign memory
while scanning is %ms.
So a simple fix would be to change %as to %ms but it's hard to get
it right - you have to free(3) the allocated memory but only if the
sscanf actually some memory. The attached test3.c shows how to do
this in this simple case.
--Mike
/* sscanf example */
#include <stdio.h>
#include <stdlib.h>
int main (void)
{
char sentence []="interpreter usb 0x04b8 0x0142 /usr/lib/esci/libesci-interpreter-perfection-v330 /usr/share/esci/esfwad.bin";
unsigned int vendor;
unsigned int product;
char *library;
char *firmware;
int result = sscanf (sentence, "%*s %*s %x %x %ms %ms",
&vendor, &product, &library, &firmware);
if (result == 4) {
printf ("vendor %x\n", vendor);
printf ("product %x\n", product);
printf ("library %s\n", library);
printf ("firmware %s\n", firmware);
free(firmware);
}
if (result >= 3) {
free(library);
}
return 0;
}
____________________________________________________
tde-devels mailing list -- devels@xxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devels-leave@xxxxxxxxxxxxxxxxxx
Web mail archive available at https://mail.trinitydesktop.org/mailman3/hyperkitty/list/devels@xxxxxxxxxxxxxxxxxx
