I was playing with some code that sometimes got a string where a %n
match should have been done where the input string ended, for example
like this:
sscanf("abc123", "abc%d%n", &a, &n); /* doesn't work */
sscanf("abc123a", "abc%d%n", &a, &n); /* works */
However, the scanf function in the kernel doesn't convert the %n in that
case because it has already matched the complete input after %d and just
completely stops matching then. This patch fixes that.
[akpm@linux-foundation.org: cleanups]
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
break;
str = next;
}
+
+ /*
+ * Now we've come all the way through so either the input string or the
+ * format ended. In the former case, there can be a %n at the current
+ * position in the format that needs to be filled.
+ */
+ if (*fmt == '%' && *(fmt + 1) == 'n') {
+ int *p = (int *)va_arg(args, int *);
+ *p = str - buf;
+ }
+
return num;
}
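Review bot: The comment above the `if (*fmt == '%' && *(fmt + 1) == 'n')` check says the loop is left only when the input string or the format ended, but the `break;` in the context lines just above shows an early exit as well. If that path can leave `fmt` pointing at `%n` (for example after a conversion that failed to match), this block would still store `str - buf` through the caller's pointer and report a position for a scan that did not succeed. Consider confirming which exits reach this point and guarding the store accordingly, or stating the intended behaviour in the comment. Smaller points: the `(int *)` cast on `va_arg(args, int *)` is redundant, and the check only recognises `%n` directly at the current format position, so a format with whitespace before `%n` would still not be filled at end of input.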