about summary refs log tree commit diff
path: root/src
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2012-04-13 03:26:59 -0400
committerRich Felker <dalias@aerifal.cx>2012-04-13 03:26:59 -0400
commit54222d1efc5239d3fc8c528672bd52bfd8dad813 (patch)
tree703fffd260ae2435d51fc19a582906eca9a317a6 /src
parent3ddeedd8f75be8a3dc2a167746f36f871d7e595a (diff)
downloadmusl-54222d1efc5239d3fc8c528672bd52bfd8dad813.tar.gz
musl-54222d1efc5239d3fc8c528672bd52bfd8dad813.tar.xz
musl-54222d1efc5239d3fc8c528672bd52bfd8dad813.zip
fix spurious overflows in strtoull with small bases
whenever the base was small enough that more than one digit could
still fit after UINTMAX_MAX/36-1 was reached, only the first would be
allowed; subsequent digits would trigger spurious overflow, making it
impossible to read the largest values in low bases.
Diffstat (limited to 'src')
-rw-r--r--src/internal/intparse.c10
1 files changed, 3 insertions, 7 deletions
diff --git a/src/internal/intparse.c b/src/internal/intparse.c
index ffd06fe0..e30a1a58 100644
--- a/src/internal/intparse.c
+++ b/src/internal/intparse.c
@@ -25,12 +25,12 @@ static const unsigned char digits[] = {
 };
 
 #define SLIM (UINT_MAX/36-1)
-#define LLIM (UINTMAX_MAX/36-1)
 
 int __intparse(struct intparse *v, const void *buf, size_t n)
 {
 	const unsigned char *s = buf;
 	int d, b = v->base;
+	uintmax_t llim;
 
 	v->cnt += n;
 	for (; n; n--, s++) switch (v->state) {
@@ -83,16 +83,12 @@ int __intparse(struct intparse *v, const void *buf, size_t n)
 		v->state++;
 		v->val = v->small;
 	case 5:
-		for (; n && (d=digits[*s])<b && v->val<=LLIM; n--, s++)
+		llim = UINTMAX_MAX/b;
+		for (; n && (d=digits[*s])<b && v->val<=llim && d<=UINTMAX_MAX-v->val*b; n--, s++)
 			v->val = v->val * b + d;
 		if (!n) return 1;
 		if (d >= b) goto finished;
-		if (v->val <= (UINTMAX_MAX-d)/b)
-			v->val = v->val * b + d;
-		else
-			v->err = ERANGE;
 		v->state++;
-		n--; s++;
 	case 6:
 		if (n && digits[*s]<b) {
 			v->err = ERANGE;