[uClibc 0001577]: strtol accepts backtick as valid digit

bugs at busybox.net bugs at busybox.net
Wed Nov 7 10:44:32 UTC 2007


The following issue has been SUBMITTED. 
====================================================================== 
http://busybox.net/bugs/view.php?id=1577 
====================================================================== 
Reported By:                patchman
Assigned To:                uClibc
====================================================================== 
Project:                    uClibc
Issue ID:                   1577
Category:                   Other
Reproducibility:            always
Severity:                   trivial
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             11-07-2007 02:44 PST
Last Modified:              11-07-2007 02:44 PST
====================================================================== 
Summary:                    strtol accepts backtick as valid digit
Description: 
strtol will not report an error if a backtick is part of the number-string
to
convert. E.g. "5000`" will be converted to 50009. Looking at the code I
see that
this is a corner case that is not checked:

...
digit = (((Wuchar)(*str - '0')) <= 9)
	? (*str - '0')
	: ((*str >= 'A')
	   ? (((0x20|(*str)) - 'a' + 10)) /* WARNING: assumes ascii. */
		  : 40);

if (digit >= base) {
	break;
}
...

A backtick is 0x60. So it is greater than 'A'. 0x20|0x60 is 0x80.
0x80-'a'+10
evaluates to '9' which is accepted as a valid digit. This piece of code
occurs
more than once in the code. The trunk seems to contain the bug, too.

The solution would be to explicitly check for this case.
====================================================================== 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
11-07-07 02:44  patchman       New Issue                                    
11-07-07 02:44  patchman       Status                   new => assigned     
11-07-07 02:44  patchman       Assigned To               => uClibc          
======================================================================




More information about the uClibc-cvs mailing list