allen@bunker.UUCP (C. Allen Grabert) (04/19/84)
Not being a regular reader of this newsgroup or an "experienced" systems
programmer, I have no idea if this bug has been noted before, but here goes.
'doscan.c', the common code for the 'scanf' routines, has a bug whereby a
program can go into an infinite loop. One of our employees was reading
hex numbers and encountered an invalid hex digit; the program promptly
looped. At roughly line 174 of the code there are the lines:
if (c != EOF) {
ungetc(c, iop); ...
The code assumes that a number has been decoded and the value of 'c' is the
character following the number. However, the code should first check to see
if a number has actually been decoded or if the character is the first
character of the number. One possibility is to insert the line:
if (np == numbuf)
excuse me, make that:
if (np > numbuf)
between the two lines mentioned above. However, I am not in a position to
make a change and see if it works properly for a group of users, so please
take my suggestion as an educated guess.