Auditing callers, we have no external callers of qemu_strtod, and
among the callers of qemu_strtod_finite:
- qapi/qobject-input-visitor.c:qobject_input_type_number_keyval() and
qapi/string-input-visitor.c:parse_type_number() which reject all
errors (does not matter what we store)
- utils/cutils.c:do_strtosz() incorrectly assumes that *endptr points
to '.' on all failures (that is, it is not distinguishing between
EINVAL and ERANGE; and therefore still does the WRONG THING for
"9.9e999". The change here does not fix that (a later patch will
tackle this more systematically), but at least the value of endptr
is less likely to be out of bounds on overflow
- our testsuite, which we can update to match what we document
Thanks and Regards
Deepanshu Garg
https://www.abrasivegrit.in/product/silicon-carbide