From 4df05a721a7b38889c2fae8daf8ddf63ad161ffc Mon Sep 17 00:00:00 2001 From: "Hana Ashour (Si-Vision)" Date: Thu, 7 Nov 2024 16:15:53 +0200 Subject: [PATCH] tinystdio: Handled invalid sequence of characters Handled invalid hexadecimal sequence passed to the vfscanf function by using "isxdigit" to check for the full hex range and detect invalid entry. Handled if the exponent in the floating point is a valid entry by using "isdigit" Signed-off-by: Hana Ashour --- newlib/libc/tinystdio/conv_flt.c | 8 ++++++-- newlib/libc/tinystdio/vfscanf.c | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/newlib/libc/tinystdio/conv_flt.c b/newlib/libc/tinystdio/conv_flt.c index de16032b0d..b309e29ac2 100644 --- a/newlib/libc/tinystdio/conv_flt.c +++ b/newlib/libc/tinystdio/conv_flt.c @@ -394,8 +394,12 @@ conv_flt (FLT_STREAM *stream, FLT_CONTEXT *context, width_t width, void *addr, u if (!isdigit (edig)) { scanf_ungetc(edig, stream, context); - if (esign != EOF) - scanf_ungetc(esign, stream, context); + if (esign != EOF) { + esign = scanf_getc (stream, context); + if(!isdigit (esign)) + return 0; + scanf_ungetc(edig, stream, context); + } goto no_exp; } diff --git a/newlib/libc/tinystdio/vfscanf.c b/newlib/libc/tinystdio/vfscanf.c index 7ae6c49fd2..98aba552a9 100644 --- a/newlib/libc/tinystdio/vfscanf.c +++ b/newlib/libc/tinystdio/vfscanf.c @@ -279,6 +279,8 @@ conv_int (FILE *stream, scanf_context_t *context, width_t width, void *addr, uin base = 16; if (!--width || IS_EOF(i = scanf_getc (stream, context))) goto putval; + if(!isxdigit(i)) + goto err; #ifdef _NEED_IO_PERCENT_B } else if (i == 'b' && base <= 2) { base = 2;