This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: Ping Re: Fix strtod integer/buffer overflow (bug 14459)


On 8/27/2012 2:38 PM, Joseph S. Myers wrote:
> On Mon, 27 Aug 2012, Carlos O'Donell wrote:
> 
>> This patch adds a dozen new asserts to the various code paths.
>>
>> Could you explain in some detail why the asserts are needed as
>> opposed to diagnosing a condition and returning an error?
> 
> The only error permitted for strtod in errno is ERANGE (which can only be 
> detected in general by setting errno before the call and testing it 
> afterwards); the return value is specified for all inputs, based on 
> interpreting the maximal initial subsequence of the specified form.  There 
> is no way to return any kind of error other than that the specified value 
> results in overflow / underflow.
> 
> The assertions are of two kinds: (a) those where assertion failure would 
> indicate a bug in the code and (b) those where implementation limits are 
> exceeded.  Those of type (a) (several pre-existing) help avoid bugs in one 
> part of the code propagating into possible undefined behavior, including 
> overflows, in the rest of the code, and make it easier for human readers 
> to see what the expectations are of the code at each point.  Those of type 
> (b) are more directly aimed at ensuring an integer overflow cannot occur: 
> calculations where it might not be clear that there are no overflow 
> possibilities have an assertion added that the following calculation does 
> not overflow.

Thanks for the explanation.

This is OK with me for 2.16 given that you've tested on 64-bit and 32-bit builds.

Please check in to the 2.16 branch.

Cheers,
Carlos.
-- 
Carlos O'Donell
Mentor Graphics / CodeSourcery
carlos_odonell@mentor.com
carlos@codesourcery.com
+1 (613) 963 1026
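
The contract described in the quoted explanation, as an added example that is not part of the original message or of the glibc patch: a caller can see a range error only by clearing errno before strtod and reading it afterwards, and a type (b) assertion sits directly in front of the arithmetic it guards. The names `parse_double`, `add_digit_count` and the `parse_status` values are hypothetical, and the sample inputs are constructed.

```c
#include <assert.h>
#include <errno.h>
#include <limits.h>
#include <math.h>
#include <stdio.h>
#include <stdlib.h>

enum parse_status { PARSE_OK, PARSE_NO_CONVERSION, PARSE_OVERFLOW, PARSE_UNDERFLOW };

/* Hypothetical caller-side wrapper. strtod returns a value for every input,
   so a range error is visible only if errno is cleared before the call. */
enum parse_status parse_double(const char *s, double *out, size_t *used)
{
    char *end;
    errno = 0;
    *out = strtod(s, &end);
    int err = errno;               /* read before anything else can change it */
    *used = (size_t)(end - s);     /* length of the initial subsequence parsed */
    if (end == s)
        return PARSE_NO_CONVERSION; /* not an errno condition: nothing consumed */
    if (err == ERANGE)
        return (*out == HUGE_VAL || *out == -HUGE_VAL) ? PARSE_OVERFLOW
                                                       : PARSE_UNDERFLOW;
    return PARSE_OK;
}

/* Hypothetical internal helper in the style of a type (b) assertion: the
   limit is asserted immediately before the addition that could overflow.
   The checks are compiled out when NDEBUG is defined. */
long add_digit_count(long exponent, size_t ndigits)
{
    assert(exponent >= 0);
    assert(ndigits <= (size_t)LONG_MAX);
    assert(exponent <= LONG_MAX - (long)ndigits);
    return exponent + (long)ndigits;
}

int main(void)
{
    const char *samples[] = { "1.5e3xyz", "1e999", "abc" }; /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        double v;
        size_t used;
        enum parse_status st = parse_double(samples[i], &v, &used);
        printf("%-10s status=%d value=%g used=%zu\n", samples[i], (int)st, v, used);
    }
    printf("%ld\n", add_digit_count(300, 17));
    return 0;
}
```

Whether an underflowing input sets ERANGE is implementation-defined in ISO C, so `PARSE_UNDERFLOW` is reported only on libraries that set it.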

