Re: [pcre-dev] PCRE2 SVN 463 strtoul() return value comparis…

Αρχική Σελίδα
Delete this message
Συντάκτης: ph10
Ημερομηνία:  
Προς: Ralf Junker
Υ/ο: pcre-dev@exim.org
Αντικείμενο: Re: [pcre-dev] PCRE2 SVN 463 strtoul() return value comparisons
On Mon, 7 Dec 2015, Ralf Junker wrote:

> To detect string to integer conversion overflow, PCRE2 SVN 463 adds a few
> lines to pcre2test.c which test if return values from strtoul() are *greater*
> than UINT32_MAX or ULONG_MAX.
>
> At least on some systems, however, these comparisons can never be true.
> According to the documentation, overflow causes strtoul() to return *exactly*
> these values, but not greater:
>
> http://man7.org/linux/man-pages/man3/strtoul.3.html
>
> As the documentation suggests, the testing should be for *equality* to these
> constants. Instead, or in addition, errno may be checked against ERANGE.


Thank you for raising this issue. I think I am stuck in a "long ==
64-bit" mentality. When a long *is* 64-bit, then it is perfectly
possible for it to have a value that is greater than UINT32_MAX but less
than ULONG_MAX. However, I realize that perhaps there may still be systems
where long == 32-bit.

I guess there should be some fiddling around with tests such as
(ULONG_MAX == UINT32_MAX) to see what the environment is, and then craft
the tests appropriately.

Alternatively, I could use strtoull() instead of strtoul(), thereby
guaranteeing that the result is 64-bits.

Philip

--
Philip Hazel