* strtoul pitfalls
@ 2025-03-21 19:05 Bruno Haible
2025-03-21 20:02 ` Alejandro Colomar
From: Bruno Haible @ 2025-03-21 19:05 UTC (permalink / raw)
To: Alejandro Colomar, linux-man
Hi Alejandro,

reviewing the strtoul() calls in gnulib and gettext, I found several
places where the original coder had fallen into one of these two pitfalls.
I would find it good to mention both pitfalls more prominently in the
man-pages (the first one is mentioned as a NOTE, should better be called
a BUG).

* Leading whitespace and a sign are accepted by default.
  Often this is not desired.
  To avoid this, the caller should pre-parse the initial portion
  of the string, up to the first digit.

* If values > MAX should lead to a diagnostic, they arise in two
  circumstances:
    - errno = ERANGE,
    - errno = 0, end == str, but value > MAX.
  It is not obvious how to arrange the code, so as to get the same
  diagnostic, without code duplication.

Bruno

[1] https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=008ff109def9bdfdd04a12355d8f4a835045ae41
[2] https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=3df6da258c338e4fd165a2850bb8d4b0f39b6e9b
[3] https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=commitdiff;h=b8ab4f2bef0ff18cf1ae749c1c81a359a40d0450
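
Added example, not part of the original message and not code from gnulib, gettext or the man-pages: one way to arrange a strtoul() caller so that leading whitespace and signs are rejected before the call, and both "too large" cases reach a single diagnostic. The names parse_ulong_strict and enum parse_status, the limit 65535 and the sample strings are assumptions made for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

enum parse_status { PARSE_OK, PARSE_INVALID, PARSE_TOO_LARGE };

/* Hypothetical helper: parse a decimal number in [0, max] that must
   occupy the whole string.  *out is written only on PARSE_OK. */
static enum parse_status
parse_ulong_strict(const char *str, unsigned long max, unsigned long *out)
{
    char *end;
    unsigned long value;

    /* Pitfall 1: strtoul() skips leading whitespace and accepts '+' or
       '-' ("-1" converts to ULONG_MAX without setting errno).  Pre-parse
       instead: the first byte must already be a digit. */
    if (!isdigit((unsigned char) str[0]))
        return PARSE_INVALID;

    errno = 0;
    value = strtoul(str, &end, 10);
    if (*end != '\0')
        return PARSE_INVALID;           /* trailing garbage */

    /* Pitfall 2: an over-large input shows up either as errno == ERANGE
       or as a successful conversion whose value exceeds the caller's
       limit.  One condition covers both, so there is one diagnostic. */
    if (errno == ERANGE || value > max)
        return PARSE_TOO_LARGE;

    *out = value;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample inputs, checked against a limit of 65535. */
    const char *samples[] = { "65535", " 42", "-1", "65536",
                              "99999999999999999999999999", "12x" };
    const char *names[] = { "ok", "invalid", "too large" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned long v = 0;
        enum parse_status st = parse_ulong_strict(samples[i], 65535, &v);
        printf("%-28s -> %s\n", samples[i], names[st]);
    }
    return 0;
}
```
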
* Re: strtoul pitfalls
From: Alejandro Colomar @ 2025-03-21 20:02 UTC (permalink / raw)
To: Bruno Haible; +Cc: Alejandro Colomar, linux-man
Hi Bruno,
On Fri, Mar 21, 2025 at 08:05:18PM +0100, Bruno Haible wrote:
> Hi Alejandro,
>
> reviewing the strtoul() calls in gnulib and gettext, I found several
> places where the original coder had fallen into one of these two pitfalls.
> I would find it good to mention both pitfalls more prominently in the
> man-pages (the first one is mentioned as a NOTE, should better be called
> a BUG).
>
> * Leading whitespace and a sign are accepted by default.
> Often this is not desired.
> To avoid this, the caller should pre-parse the initial portion
> of the string, up to the first digit.
>
> * If values > MAX should lead to a diagnostic, they arise in two
> circumstances:
> - errno = ERANGE,
> - errno = 0, end == str, but value > MAX.
> It is not obvious how to arrange the code, so as to get the same
> diagnostic, without code duplication.
Agree. I think this page needs a long BUGS and CAVEATS pair of
sections. I'll write something about it. Feel free to report more bugs
about these APIs; this will help kill them soon. I'll present the
resulting manual pages as part of the defense of my paper for C2y.
Have a lovely night!
Alex
>
> Bruno
>
> [1] https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=008ff109def9bdfdd04a12355d8f4a835045ae41
> [2] https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=3df6da258c338e4fd165a2850bb8d4b0f39b6e9b
> [3] https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=commitdiff;h=b8ab4f2bef0ff18cf1ae749c1c81a359a40d0450
>
>
>
--
<https://www.alejandro-colomar.es/>