Scanf ignores possitional parameters parsing format strings... #4321
Comments
|
Comment author: @pierreweis According to its documentation, the Scanf module is not supposed to accept any positional parameters specification in the format strings. So, raising an exception is the correct and expected behaviour. Indeed, the static type-checker also rejects positional parameters, as examplify here: format_of_string "%1$s";;Bad conversion %$, at char number 0 in format string ``%1$s'' Despite those checks, your example leads to the production of a format string value with positional parameters in it, by-passing the typechecker checks and the Scanf checks! This is due to a bug in the function that performs the dynamic type-checking verification for format strings which I will correct very soon. |
|
Comment author: @damiendoligez Quick fix: remove positional parameters in printf/scanf. They will come back when we manage to make them work perfectly. |
Original bug ID: 4321
Reporter: till
Assigned to: @pierreweis
Status: closed (set by @damiendoligez on 2008-09-10T15:35:23Z)
Resolution: fixed
Priority: normal
Severity: crash
Version: 3.10.0
Fixed in version: 3.11+dev
Category: ~DO NOT USE (was: OCaml general)
Related to: #3992
Monitored by: jm @mmottl
Bug description
doesn't raise any exception while:
raises one....
Additional information
I consider this bug to be critical since it can be exploited in some application to cause ocaml to segfault, for instance, in i18n it is frequent to get format strings from separate files...
consider:
let f s = Scanf.sscanf s "Toto %{%c %s%}" (fun f ->Printf.printf f 'x' "123");;
let _ = f "Toto "%2$c=%1$s"";;
The text was updated successfully, but these errors were encountered: