BUG: GP Fault in sscanf Function When Using /Gf Option

The information in this article applies to:

• The C Run-time (CRT), included with: Microsoft Visual C++ for Windows, versions 1.0 and 1.5

SYMPTOMS

Using sscanf() in a Windows program with the Eliminate Duplicate Strings compiler option (/Gf) will generate a general protection (GP) fault under certain circumstances.

CAUSE

The sscanf() internal functions may try to write to the buffer that the original data is stored in. Under the large and compact memory model, the /Gf option locates string literals in the code segment of the program. If a write is attempted into the code segment, the application generates a GP fault.

In the sample provided below, internal functions called by sscanf() try to write the space character back into the data buffer string located in the code segment.

RESOLUTION

Use a buffer to work around this problem as shown by the code below. Disabling the /Gf option will work as well.

STATUS

Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION

Sample Code to Demonstrate Problem and Workaround

/* Compile options needed: /Gf /AL /Mq
*/

/* Commenting out the #define will make this work correctly. */

#include <windows.h>
#include <stdio.h>

#define _STRING_POOLING_

void main()

 float e = 0.0f;
 float f = 0.0f;
 char *ptr = "0.1 0.2";
 char *fmt = "%f %f";
 char buf[20] = {"0.1 0.2"};

 sscanf( ptr, fmt, &e, &f);  // BAD

 sscanf( buf, fmt, &e, &f);  // OK