Hi Paul, On Wed, Jul 24, 2024 at 05:09:09PM GMT, Paul Eggert wrote: > On 2024-07-24 14:07, Alejandro Colomar wrote: > > > I forgot to reply to the last part: "Why isn't that [current gnulib] > > good enough? > > > > With an implementation of strtol(3) that does what I wrote above, the > > test `if (!t_ptr)` isn't true, so we go to > > `if (*p == nptr && (errno == 0 || errno == EINVAL))`, which is true. > > > > Assuming that the string matches a valid suffix, it'd succeed, but the > > call should have failed early. > > No, because that code is dealing with the case where the number's text is > missing. And if the number's text is missing it doesn't matter what the base > is; there are no digits to multiply the base by.
I think you didn't understand me. I'll show line-by-line where I think
it will go through.
Assume I call
xstrtol("k", &end, -1, ...);
- if (!t_ptr)
This is dead code in the BSDs and Bionic libc, which always set
*endptr = nptr on EINVAL.
- if (*p == nptr && (errno == 0 || errno == EINVAL))
On the BSDs, this would be true.
- if (! (valid_suffixes && *nptr && strchr (valid_suffixes, *nptr)))
This will be false, since the *nptr is a valid suffix.
- tmp = 1;
We will multiply the base by 1, even if it wasn't in the string.
I don't understand too much the rest of xstrtol(), but I think it will
successfully parse 1000, when it should have failed.
Cheers,
Alex
>
> I see that this part of the API isn't documented; it should be. I installed
> the attached to try to fix that.
>
>
> > (And the worst part might be suggesting> readers that an invalid base can
> be successfully tested after a call to
> > strtol(3), so that they do something similar.)
>
> That's OK; xstrtol.c need not warn about all the problems of strtol. Our
> readers' time is limited and this issue isn't important enough to consume
> their time. (In practice, as I wrote earlier, the base is always valid.)
--
<https://www.alejandro-colomar.es/>
signature.asc
Description: PGP signature
