ID: 38322 Updated by: [EMAIL PROTECTED] Reported By: heintz at hotmail dot com -Status: Open +Status: Feedback Bug Type: Strings related Operating System: all PHP Version: 5.1.4 New Comment:
Please check out this patch: http://tony2001.phpclub.net/dev/tmp/bug38322.diff Previous Comments: ------------------------------------------------------------------------ [2006-08-04 00:36:21] heintz at hotmail dot com Description: ------------ ext/standard/scanf.c line ~887 --- if (numVars) { current = args[objIndex++]; --- objIndex points past the end of array in other format cases too Reproduce code: --------------- sscanf('foo ','$1s',$str); http://www.plain-text.info/sscanf_bug.txt - full description Actual result: -------------- will try to dereference a pointer to pointer which usually causes segmentation fault ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=38322&edit=1
