projects / musl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b7a2761)
avoid null pointer dereference on %*p fields in scanf
authorRich Felker <dalias@aerifal.cx>
Tue, 17 Apr 2012 15:50:02 +0000 (11:50 -0400)
committerRich Felker <dalias@aerifal.cx>
Tue, 17 Apr 2012 15:50:02 +0000 (11:50 -0400)
src/stdio/vfscanf.c patch | blob | history

diff --git a/src/stdio/vfscanf.c b/src/stdio/vfscanf.c
index 5c1e49b..926d8a9 100644 (file)
--- a/src/stdio/vfscanf.c
+++ b/src/stdio/vfscanf.c
@@ -284,7 +284,7 @@ int vfscanf(FILE *f, const char *fmt, va_list ap)
                int_common:
                        x = __intscan(f, base, 0, ULLONG_MAX);
                        if (!shcnt(f)) goto match_fail;
                int_common:
                        x = __intscan(f, base, 0, ULLONG_MAX);
                        if (!shcnt(f)) goto match_fail;
-                       if (t=='p') *(void **)dest = (void *)(uintptr_t)x;
+                       if (t=='p' && dest) *(void **)dest = (void *)(uintptr_t)x;
                        else store_int(dest, size, x);
                        break;
                case 'a': case 'A':
                        else store_int(dest, size, x);
                        break;
                case 'a': case 'A':
musl