Re: [Info-mtools] [PATCH] misc.c: Make the output reproducible

From: Pali Rohár
Subject: Re: [Info-mtools] [PATCH] misc.c: Make the output reproducible
Date: Mon, 29 Oct 2018 23:06:07 +0100
User-agent: NeoMutt/20170113 (1.7.2)

On Monday 29 October 2018 17:45:55 Chris Lamb wrote:
> Hi Pali,
> Thank you again for your comments.
> > You are using strtoull() function which returns unsigned value and does
> > *not* signal overflow by design. You need to use strtoll() which returns
> > signed integer and then you can check underflow by above code.
> Can't quite parse this; so simply strtoll → strtoull will "just work" in
> that I already check errno for ERANGE?

No. You should avoid usage of strtoull, so change strtoull → strtoll.

strtoull() does not set errno to ERANGE when the input value underflows.
strtoull() does not modify errno on underflow and it is by design and
really stupid. You can check and verify this strange behavior:

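  #include <stdio.h>
  #include <stdlib.h>
  #include <errno.h>
  int main() {
    unsigned long long value;
    char *endptr = NULL;
    errno = 0;  /* clear errno so a stale value is not mistaken for an error */
    value = strtoull("-2", &endptr, 10);
    /* *endptr == 0 means the whole input string was consumed */
    printf("errno=%d value=%llu *endptr=%d\n", errno, value, (int)*endptr);
    return 0;
  }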

It prints:

  errno=0 value=18446744073709551614 *endptr=0

And there is no evidence that the returned value from strtoull (unsigned
value) underflowed, as errno is zero and endptr points to the end of input

> > > > 2) Leading (whitespace) garbage.
> [..]
> > And this is my question. It is OK that you accept value which has
> > leading whitespaces, but do not accept value which has trailing
> > whitespaces?
> Well, it is mostly to detect trailing garbage such as the value:
>   "1this-is-not-valid-or-some-kind-of-mistake"

Yes. It detects any garbage.

> > It is a pity that such a common operation "convert string to number" is hard
> > to write correctly in C.
> Indeed. (I guess it keeps the security folks employed, mind you...)
> Regards,

Pali Rohár
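
Added example, not part of the original message and not mtools code: the strtoll()-based check discussed in this thread, next to what strtoull() alone reports for the same input. The helper names parse_nonneg and strtoull_accepts and the sample inputs are constructed for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: parse a non-negative decimal integer.
 * Returns 0 and stores the value on success, -1 on rejected input. */
int parse_nonneg(const char *s, long long *out)
{
    char *end = NULL;
    long long v;

    if (s == NULL || *s == '\0')
        return -1;              /* missing or empty value */
    errno = 0;
    v = strtoll(s, &end, 10);   /* skips leading whitespace, as in the thread */
    if (end == s)
        return -1;              /* no digits consumed */
    if (errno == ERANGE)
        return -1;              /* outside LLONG_MIN..LLONG_MAX */
    if (*end != '\0')
        return -1;              /* trailing garbage, whitespace included */
    if (v < 0)
        return -1;              /* negative input is visible in a signed type */
    *out = v;
    return 0;
}

/* Returns 1 when strtoull() consumes all of s and leaves errno at 0,
 * i.e. when errno and endptr alone give no sign of a problem. */
int strtoull_accepts(const char *s, unsigned long long *out)
{
    char *end = NULL;
    errno = 0;
    *out = strtoull(s, &end, 10);
    return errno == 0 && end != s && *end == '\0';
}

int main(void)
{
    /* Constructed sample inputs */
    const char *in[] = { "1540850767", "-2", " 42", "42 ", "1this-is-not-valid" };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        long long v = 0;
        unsigned long long u = 0;
        int ok = parse_nonneg(in[i], &v);
        int acc = strtoull_accepts(in[i], &u);
        printf("\"%s\": strtoll check=%d, strtoull accepts=%d (%llu)\n", in[i], ok, acc, u);
    }
    return 0;
}
```
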
