Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 1 Jan 2017 04:45:19 -0600
From: Ryan Prichard <ryan.prichard@...il.com>
To: musl@...ts.openwall.com
Subject: Edge case: strtol with base==1

Hi,

I noticed that musl's strtol function allows a base of 1 by parsing strings
of only zeros.  With all other bases less than 0 or greater than 36, strtol
fails and sets errno to EINVAL.

Is this an oversight?

Not that it especially *matters*, but my guess is that the behavior isn't
POSIX conforming:
 - POSIX defines valid "subject sequences" for bases of 0 and 2-36.
 - "In other than the C or POSIX locale, additional locale-specific subject
sequence forms may be accepted."

In the C locale, musl is accepting a subject sequence of all zeroes, which
POSIX doesn't define for a base of 1.

http://pubs.opengroup.org/onlinepubs/9699919799/functions/strtol.html

e.g.:

#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main() {
    errno = 0;
    char *endptr = "unset";
    long val = strtol("  0001", &endptr, 1);
    printf("errno=[%s], val=%ld, endptr=[%s]\n",
        strerror(errno), val, endptr ? endptr : "(null)");
    return 0;
}

$ gcc test.c && ./a.out
errno=[Invalid argument], val=0, endptr=[unset]

$ musl-gcc test.c && ./a.out
errno=[No error information], val=0, endptr=[1]

-Ryan

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.