fix uninitialized/stale use of alloc (%m modifier) flag in scanf

fix uninitialized/stale use of alloc (%m modifier) flag in scanf

for conversion specifiers, alloc is always set when the specifier is
parsed. however, if scanf stops due to mismatching literal text,
either an uninitialized (if no conversions have been performed yet) or
stale (from the previous conversion) of the flag will be used,
possibly causing an invalid pointer to be passed to free when the
function returns.