strtou(3) handling of negative input
Alejandro Colomar
alx at kernel.org
Wed Mar 19 23:30:36 UTC 2025
Hi Bruno,

On Thu, Mar 20, 2025 at 12:12:10AM +0100, Alejandro Colomar wrote:
> > At the same time, disallowing a leading '-' sign
> > is a benefit as well. I consider it a misfeature that strtoul() parses
> > "-3" successfully and returns ULONG_MAX-2, which was most certainly
> > not intended by the user.
>
> Agree; it is a misfeature. In my API a2i(), when the type passed in the
> first parameter is an unsigned type, negative values are rejected.
>
> I wonder if there's any legitimate user of that misfeature. I didn't
> want to rule it out from a fundamental API just because I can't think of
> a good use of it.
>
> Maybe since we have people from many systems here, anyone who has even
> seen a good use of strtoul(3) parsing negative values into an unsigned
> type can comment. Maybe if we don't hear about it, we could consider it
> useless and tighten it? Especially for an API that has explicit range
> checks.
>
> Would NetBSD be open to changing the implementation of strtou(3) to
> reject negative input?

I have filed a bug in NetBSD for reforming strtou(3):
<https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=59198>

Let's see what they think about it.

Cheers,
Alex

--
<https://www.alejandro-colomar.es/>
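
The behaviour discussed in this message, as an added example that is not part of the original e-mail and is not the code of a2i(), strtou(3) or libbsd: plain strtoul() accepts "-3" and returns ULONG_MAX-2, while a wrapper with explicit range checks can reject the sign before converting. The name parse_ulong_strict() and its errno conventions are assumptions made for this illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (assumption, not a2i() or strtou(3)): parse s as a
 * decimal unsigned long in [min, max]. Returns 0 on success; on failure
 * returns -1 with errno = EINVAL (negative, no digits, trailing text)
 * or ERANGE (overflow or outside [min, max]). */
int parse_ulong_strict(const char *s, unsigned long min, unsigned long max,
                       unsigned long *out)
{
    const char *p = s;
    char *end;
    unsigned long v;

    /* strtoul() skips leading white space before the optional sign, so skip
     * it the same way to find the sign that strtoul() would accept. */
    while (isspace((unsigned char)*p))
        p++;
    if (*p == '-') {
        errno = EINVAL;         /* negative text is not an unsigned value */
        return -1;
    }
    errno = 0;
    v = strtoul(p, &end, 10);
    if (end == p || *end != '\0') {
        errno = EINVAL;         /* no digits, or trailing characters */
        return -1;
    }
    if (errno == ERANGE || v < min || v > max) {
        errno = ERANGE;
        return -1;
    }
    *out = v;
    return 0;
}

int main(void)
{
    unsigned long v = 0;
    int rc;

    /* Plain strtoul(): "-3" is accepted and wraps around. */
    printf("strtoul(\"-3\") = %lu\n", strtoul("-3", NULL, 10));
    rc = parse_ulong_strict("-3", 0, 65535, &v);    /* constructed input */
    printf("strict(\"-3\")  = %d\n", rc);
    rc = parse_ulong_strict("443", 0, 65535, &v);   /* constructed input */
    printf("strict(\"443\") = %d, v = %lu\n", rc, v);
    return 0;
}
```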