NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: lib/58461: strtoi(3) is not portable
The following reply was made to PR lib/58461; it has been noted by GNATS.
From: Alejandro Colomar <alx%kernel.org@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: kre%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost,
Paul Eggert <eggert%cs.ucla.edu@localhost>
Subject: Re: lib/58461: strtoi(3) is not portable
Date: Wed, 24 Jul 2024 11:17:30 +0200
--4dtjwyhr34epm66e
Content-Type: text/plain; protected-headers=v1; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
From: Alejandro Colomar <alx%kernel.org@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: kre%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost,
Paul Eggert <eggert%cs.ucla.edu@localhost>
Subject: Re: lib/58461: strtoi(3) is not portable
References: <pr-lib-58461%gnats.netbsd.org@localhost>
<20240723231504.6A0FA1A923C%mollari.NetBSD.org@localhost>
<20240724014002.1EB2A1A923B%mollari.NetBSD.org@localhost>
MIME-Version: 1.0
In-Reply-To: <20240724014002.1EB2A1A923B%mollari.NetBSD.org@localhost>
[CC +=3D Paul]
Hi Robert,
On Wed, Jul 24, 2024 at 01:40:02AM GMT, Robert Elz wrote:
> The following reply was made to PR lib/58461; it has been noted by GNATS.
>=20
> From: Robert Elz <kre%munnari.OZ.AU@localhost>
> To: gnats-bugs%netbsd.org@localhost
> Cc:=20
> Subject: Re: lib/58461: strtoi(3) is not portable
> Date: Wed, 24 Jul 2024 08:38:28 +0700
>=20
> The supplied patch is incorrect for NetBSD (and anywhere) as
> when EINVAL is returned from strtoimax() (in the POSIX mandatory case,
> to indicate an invalid base, as opposed to the POSIX optional case,
> to indicate that no digits were converted) the value of *endptr is
> unspecified, and hence cannot be compared to anything (and as it
> happens, on NetBSD it gets set to nptr and so expecting it to remain
> at any initial value is never going to work).
Ughh, while it is true that it is unspecified, I hadn't known any
implementation that didn't leave it untouched. You're right that this
patch won't work on NetBSD.
This makes my fears come true, actually. I was wishing that I was wrong
back then...
I documented in the Linux man-pages that it is impossible to portably
detect an invalid base _after_ a call to strtol(3), as you say. And
thus it only makes sense to validate the base before the call, which
makes the POSIX decision to report EINVAL completely bogus, because a
caller will likely invoke UB if it reads *endptr afterwards (which will
often happen). And so ISO C's choice of leaving the behavior undefined
on an invalid base was actually better (POSIX probably only codified
implementations's behavior; historic accidents are probably to be blamed
for these discrepancies between strtol(3) implementations). I was
recently hoping that I was wrong and that the only expectable
consequence of POSIX choosing to report EINVAL was that it could be
tested somehow.
And indeed POSIX says something like that in APPLICATION USAGE.
I see that FreeBSD, OpenBSD, and Bionic libc (Android) also set nptr on
an invalid base. It seems glibc and musl are the weirdos here. :(
My bad.
Robert, would you mind opening a bug report for POSIX, requesting to
clarify the APPLICATION USAGE paragraph in the following sense?:
Since the value of *endptr is unspecified
if the value of base is not supported,
applications should either ensure that base has a supported value
(0 or between 2 and 36) before the call,
-or check for an [EINVAL] error before examining *endptr.
+or check for an [EINVAL] error before examining *endptr
+(but on systems that fail with EINVAL
+when no conversion could be performed,
+this is not an option).
or alternatively, for simplicity:
Since the value of *endptr is unspecified
if the value of base is not supported,
-applications should either ensure that base has a supported value
-(0 or between 2 and 36) before the call,
+applications should ensure that base has a supported value
+(0 or between 2 and 36) before the call.
-or check for an [EINVAL] error before examining *endptr.
If you do, please add
Reported-by: Alejandro Colomar <alx%kernel.org@localhost>
(I don't report it myself because I've always had a lot of trouble
following Austin's processes; I don't know how to report a bug there.)
> I have a different patch, which avoids the POSIX mandatory EINVAL
> completely, by simply validating base before calling strtoimax(),
> hence an EINVAL we do get from that (which now will never happen on
> NetBSD) must be the optional one, so if it happens, we will simply
> ignore that, and continue as if errno=3D=3D0 had been returned (or more
> correctly for strtoimax(), as if errno had not been altered, which
> is the same thing with the strtoi() code).
Yeah, that was my original approach, which has the downside that if a
system adds support for other bases (e.g., base 1, a.k.a., tally marks)
strtoi(3) would need to be patched because it hardcoded the bases. But
it is how it is, it seems.
Have a lovely day!
Alex
--=20
<https://www.alejandro-colomar.es/>
--4dtjwyhr34epm66e
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE6jqH8KTroDDkXfJAnowa+77/2zIFAmagxqQACgkQnowa+77/
2zKNVg/9FJPQ+abyQ2SpD5EjHdpT90DDgnQoe9GyWYBY5hTmja0ZmgG2KPmno97g
E5ntjgjaOQuznDxdRG+uM9FimPz/SPaAt3ZTqDoFsKuAzAD4sAz9YkCDTuuMnRQY
XVFM31xf9+T6yBkaDd/3WdwIxmvaxn/QA7w+5Alq0nHtFx21ELZ2dYnlr1pSLYcA
Bw6bXgeAYKpOs/oEEJDJP1kBBebL4lIelV/2d//vI1ROW9K3WCoM2tDFYgMTkn4f
TfyGFqE9A8KRtJThHsrd+VvU3Sk5wzfqOJRvJkvZBLwJJMzSqdVZqI1QNolIXanc
3VkOHLjFWFPtL/yjL6NqKv3REpYmnnEW9Q9ACSYeJ1zPQ1wFOwNpZY2Zvg+5r+rR
FQA93JAfkkdujeUlzhISi2uD6h2cD4glgzdDVrLZhtvUI3n+iu0Cq4dra9MyyOaH
/EDPGR5BQ4GkcVBkgayI0Pr2CAESraB76+nWy9/tJtBavVVfvanyAQtVAkITbDO9
+1ibXbr4NzvClAyetBJZW+p0ksSieICUdf+pbv+A8Qi4R51Gn7X1Byv5/V7RRaFd
JN4LrF1HRx54kK9U9kRrgXQ4Hlw7LQPy192MMje64MSeokFf/1+ut2GbNuOir1ZK
du5bQFxbjYN9Bo4+90EytJO7UEKd9752Fvxo3rGh4OUuNw8lreM=
=RmLY
-----END PGP SIGNATURE-----
--4dtjwyhr34epm66e--
Home |
Main Index |
Thread Index |
Old Index