sscanf produces segfault

[mateuszkobak]

The following code produces a segmentation fault:

char hostname[60] = "[2001:aaa:aaaa:a::a]:8000";
char endbracket;
int len;

sscanf(hostname, "[%*45[0123456789abcdefABCDEF:.]%c%n", &endbracket, &len);
printf("%s\n%c\n%d\n", hostname, endbracket, len);

This is a reproduction of a situation in function Curl_parse_port in curl-7.64.1/lib/urlapi.c.

[Le0nyx]

char hostname[60] = "[2001:aaa:aaaa:a::a]:8000";
int len;

sscanf(hostname, "[%45[0123456789abcdefABCDEF:.]]%n", hostname, &len);
printf("%s\n%d\n", hostname, len);

Howcome you need the "endbracket" variable?
The code above might help

[anglov]

1. Please create issues only in phoenix-rtos-project
2. At the first glance reproduction code is valid (working as expected on linux glibc environment under --std=c99 and -pedantic), so probably there is some issue

Side note: curl upstream majorly modified Curl_parse_port function

[nalajcie]

char hostname[60] = "[2001:aaa:aaaa:a::a]:8000";
int len;

sscanf(hostname, "[%45[0123456789abcdefABCDEF:.]]%n", hostname, &len);
printf("%s\n%d\n", hostname, len);

Howcome you need the "endbracket" variable? The code above might help

Please note that this is a reproduction code from curl, so the intent is not to change the code but check why it fails for our implementation of sscanf.

Regarding why the ] is not used directly - see the original code (https://github.com/curl/curl/blob/curl-7_64_1/lib/urlapi.c#L501) - it's used to detect the zoneidx encoding (eg. [fe80::20c:29ff:fe9c:409b%eth0]:1234 (if endbracket == '%')