C lib: strtto*(): base 0/16: not ISO C compliant

Steffen Nurpmeso steffen at sdaoden.eu
Sat Jul 9 09:21:02 PDT 2022


Hello!

Please consider changing _strto*l.h in equal spirit to NetBSD
[8ed11f4fbc3980ef5b8b080bcd4d3f603f198c44]
(https://github.com/NetBSD/src.git) or OpenBSD
[6022c2c21c00ed222314d1a82f05f5778bfe1e32]

    The 0x (or 0X) prefix in base 16 is optional so only skip over the
    prefix if the character following it is a valid hex char.  The C99
    standard is clear that given the string "0xy" zero should be returned
    and endptr set to point to the "x".  OK deraadt@ espie@

  -       if ((base == 0 || base == 16) &&
  -           c == '0' && (*s == 'x' || *s == 'X')) {
  +       if ((base == 0 || base == 16) && c == '0' &&
  +           (*s == 'x' || *s == 'X') && isxdigit((unsigned char)s[1])) {

All on 2017-07-06, but i cannot find the ML discussion i read by
then (i thought it was on oss-security, but cannot find it).

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)


More information about the Users mailing list