Subject: Re: strtonum(3) in our libc
To: Mindaugas <unex@linija.org>
From: Jason Thorpe <thorpej@shagadelic.org>
List: tech-userlevel
Date: 06/05/2006 11:43:32

On Jun 2, 2006, at 5:16 PM, Mindaugas wrote:

> Hi,
> some time ago OpenBSD developers implemented the strtonum(3) function, which
> is a safer implementation of atoi(3) and strtol(3) - it does bounds
> checking, error detection, etc. They use it in several applications (e.g.
> OpenSSH has a native implementation).
> This function doesn't conform to POSIX or any other standard, but it
> might be useful. FreeBSD also made the decision to import this function into
> the libc.

There are at least 4 obvious problems with the proposed API:

1- How do you do error detection?  Looks like you check for return  
value of zero and a non-zero errno?  This is bogus.  It should return  
0 on success and an error code on failure.  The result should be  
passed back by the caller providing a pointer.

2- It does not take a base argument.

3- It does not handle unsigned conversions.  If we're going to keep
the same naming convention, it should be "strtoinum()" and
"strtounum()" (following strtoimax(3) and strtoumax(3)).

4- It should not produce "long long" results.  It should produce an
"intmax_t" or "uintmax_t" (depending on if we're doing a signed or
unsigned conversion).

Furthermore, the way that the error string is optionally returned is  
not very internationalization-friendly.  That whole error string  
return should be disposed of.  If the functionality is truly  
desirable, then it should be an error sub-code to be interpreted by  
the caller.


>
> If there are some questions about this, so as not to discuss it twice,
> check out the discussion in the FreeBSD mailing list with OpenBSD folks:
> http://lists.freebsd.org/pipermail/freebsd-current/2005-April/048655.html
>
> If there is a decision to import it, I attached a patch and source with
> manual, which goes to src/lib/libc/stdlib :) Please review.
>
> -- 
> Best regards,
> Mindaugas
> <strtonum.3>
> <strtonum.c>
> <strtonum.diff>

-- thorpej
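
An added sketch, not code from this thread or from any libc, of the API shape that points 1 to 4 of the reply ask for: an error code as the return value, the result passed back through a caller-supplied pointer, a base argument, and separate intmax_t and uintmax_t variants. Only the names strtoinum and strtounum come from the message; the parameter lists are hypothetical, and the lo/hi bounds are assumed to carry over from strtonum(3)'s range checking.

```c
#include <ctype.h>
#include <errno.h>
#include <inttypes.h>
#include <stddef.h>

/* Hypothetical signatures. Return 0 or an errno-style code; *out is written
 * only on success, and the caller's errno is preserved. */
int strtoinum(const char *s, int base, intmax_t lo, intmax_t hi, intmax_t *out)
{
    char *end = NULL;
    int saved = errno, err = 0;
    intmax_t v;

    if (!s || !out || lo > hi || (base != 0 && (base < 2 || base > 36)))
        return EINVAL;
    errno = 0;
    v = strtoimax(s, &end, base);
    if (end == s || *end != '\0')
        err = EINVAL;               /* no digits, or trailing junk */
    else if (errno == ERANGE || v < lo || v > hi)
        err = ERANGE;               /* overflowed intmax_t or outside [lo, hi] */
    errno = saved;
    if (err == 0)
        *out = v;
    return err;
}

int strtounum(const char *s, int base, uintmax_t lo, uintmax_t hi, uintmax_t *out)
{
    char *end = NULL;
    int saved = errno, err = 0;
    uintmax_t v;

    if (!s || !out || lo > hi || (base != 0 && (base < 2 || base > 36)))
        return EINVAL;
    while (isspace((unsigned char)*s))
        s++;
    if (*s == '-')                  /* strtoumax would wrap "-1" to UINTMAX_MAX */
        return EINVAL;
    errno = 0;
    v = strtoumax(s, &end, base);
    if (end == s || *end != '\0')
        err = EINVAL;
    else if (errno == ERANGE || v < lo || v > hi)
        err = ERANGE;
    errno = saved;
    if (err == 0)
        *out = v;
    return err;
}
```

With this shape a parsed value of 0 is never confused with a failure, and a rejected input leaves the caller's variable unchanged.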