diff options
author | Rich Felker <dalias@aerifal.cx> | 2012-04-10 23:05:16 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2012-04-10 23:05:16 -0400 |
commit | 633a26c1e69b6a977d16086834f2b937e0378002 (patch) | |
tree | e4f51cf1854e3416f9423c5c15bb779f4eeb5004 | |
parent | c5ff29699cb3cccf8dcd8e44ddf4dcb7599e585c (diff) | |
download | musl-633a26c1e69b6a977d16086834f2b937e0378002.tar.gz musl-633a26c1e69b6a977d16086834f2b937e0378002.tar.xz musl-633a26c1e69b6a977d16086834f2b937e0378002.zip |
fix potential overflow in exponent reading
note that there's no need for a precise cutoff, because exponents this large will always result in overflow or underflow (it's impossible to read enough digits to compensate for the exponent magnitude; even at a few nanoseconds per digit it would take hundreds of years).
-rw-r--r-- | src/internal/floatscan.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/internal/floatscan.c b/src/internal/floatscan.c index 3875719b..ed735278 100644 --- a/src/internal/floatscan.c +++ b/src/internal/floatscan.c @@ -44,7 +44,7 @@ static long long scanexp(FILE *f, int pok) } for (x=0; c-'0'<10U && x<INT_MAX/10; c = shgetc(f)) x = 10*x + c-'0'; - for (y=x; c-'0'<10U && x<LLONG_MAX/10; c = shgetc(f)) + for (y=x; c-'0'<10U && x<LLONG_MAX/100; c = shgetc(f)) y = 10*y + c-'0'; for (; c-'0'<10U; c = shgetc(f)); shunget(f); |