Package: dash Version: 0.5.7-3 Severity: minor Dash integer overflow is not in line with other shells nor with POSIX.
When evaluating integer number in arithmetic expansion $((...)), dash behavior is not in line with other shells. For example, let's use: 2^64=18446744073709551616 $ bash $ echo "$((18446744073709551616))" 0 $ mksh $ echo "$((18446744073709551616))" 0 $ posh $ echo "$((18446744073709551616))" 0 $ dash $ echo "$((18446744073709551616))" 9223372036854775807 $ ksh93 $ echo "$((18446744073709551616))" 1.84467440737095516e+19 $ zsh ... % echo "$((18446744073709551616))" zsh: number truncated after 19 digits: 18446744073709551616 1844674407370955161 What dash returns for anything larger than 2^63-1=9223372036854775807 are always quietly 2^63-1=9223372036854775807. This is not signed long integer arithmetic. POSIX seems to allow using floating point in case of overflow. So ksh93 may be OK. Also, error statement after invalid input is an option. So zsh may be be OK. But dash behavior seems to stand out not being signed long integer arithmetic and not using any exception rules: || The shell may use a real-floating type || instead of signed long as long as it does not affect the results in || cases where there is no overflow. If the expression is invalid, the || expansion fails and the shell shall write a message to standard error || indicating the failure. ================================== Here, I quote the full definition of "arithmetic expansion" http://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_06_04 Arithmetic expansion provides a mechanism for evaluating an arithmetic expression and substituting its value. The format for arithmetic expansion shall be as follows: $((expression)) The expression shall be treated as if it were in double-quotes, except that a double-quote inside the expression is not treated specially. The shell shall expand all tokens in the expression for parameter expansion, command substitution, and quote removal. Next, the shell shall treat this as an arithmetic expression and substitute the value of the expression. The arithmetic expression shall be processed according to the rules given in Arithmetic Precision and Operations , with the following exceptions: Only signed long integer arithmetic is required. Only the decimal-constant, octal-constant, and hexadecimal-constant constants specified in the ISO C standard, Section 6.4.4.1 are required to be recognized as constants. The sizeof() operator and the prefix and postfix "++" and "--" operators are not required. Selection, iteration, and jump statements are not supported. All changes to variables in an arithmetic expression shall be in effect after the arithmetic expansion, as in the parameter expansion "${x=value}". If the shell variable x contains a value that forms a valid integer constant, then the arithmetic expansions "$((x))" and "$(($x))" shall return the same value. As an extension, the shell may recognize arithmetic expressions beyond those listed. The shell may use a signed integer type with a rank larger than the rank of signed long. The shell may use a real-floating type instead of signed long as long as it does not affect the results in cases where there is no overflow. If the expression is invalid, the expansion fails and the shell shall write a message to standard error indicating the failure. -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (10, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.7-trunk-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages dash depends on: ii debianutils 4.3.4 ii dpkg 1.16.9 ii libc6 2.13-38 dash recommends no packages. dash suggests no packages. -- debconf information: * dash/sh: true -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
