commit 9d604959036bd02e7ff0ca1bd33f842664610b82 Author: Nick Mathewson <nickm@torproject.org> Date: Tue Sep 10 18:59:10 2019 -0400 Use strtod, not atof, for parsing doubles in the configuration. This lets us detect erroneous doubles, which previously we could not do. Fixes bug 31475; bugfix on commit 00a9e3732e88, a.k.a svn:r136. --- changes/ticket31475 | 5 +++++ src/lib/confmgt/type_defs.c | 13 ++++++++++--- src/test/test_confparse.c | 4 ++++ 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/changes/ticket31475 b/changes/ticket31475 new file mode 100644 index 000000000..e156c145a --- /dev/null +++ b/changes/ticket31475 @@ -0,0 +1,5 @@ + o Minor bugfixes (configuration): + - Invalid floating-point values in the configuration file are now + detected treated as errors in the configuration. Previously, they + were ignored and treated as zero. Fixes bug 31475; bugfix on + 0.0.1. diff --git a/src/lib/confmgt/type_defs.c b/src/lib/confmgt/type_defs.c index f8b2681aa..137af4ed9 100644 --- a/src/lib/confmgt/type_defs.c +++ b/src/lib/confmgt/type_defs.c @@ -283,9 +283,16 @@ double_parse(void *target, const char *value, char **errmsg, (void)params; (void)errmsg; double *v = (double*)target; - // XXXX This is the preexisting behavior, but we should detect errors here. - *v = atof(value); - return 0; + char *endptr=NULL; + *v = strtod(value, &endptr); + if (endptr == value || *endptr != '\0') { + // Either there are no converted characters, or there were some characters + // that didn't get converted. + tor_asprintf(errmsg, "Could not convert %s to a number.", escaped(value)); + return -1; + } else { + return 0; + } } static char * diff --git a/src/test/test_confparse.c b/src/test/test_confparse.c index bd2b5cdf1..a4da6c7c9 100644 --- a/src/test/test_confparse.c +++ b/src/test/test_confparse.c @@ -488,6 +488,8 @@ test_confparse_assign_badval(void *arg) static const badval_test_t bv_notint = { "pos X\n", "malformed" }; static const badval_test_t bv_negint = { "pos -10\n", "out of bounds" }; static const badval_test_t bv_badu64 = { "u64 u64\n", "malformed" }; +static const badval_test_t bv_dbl1 = { "dbl xxx\n", "Could not convert" }; +static const badval_test_t bv_dbl2 = { "dbl 1.0 xx\n", "Could not convert" }; static const badval_test_t bv_badcsvi1 = { "csv_interval 10 wl\n", "malformed" }; static const badval_test_t bv_badcsvi2 = @@ -1045,6 +1047,8 @@ struct testcase_t confparse_tests[] = { BADVAL_TEST(notint), BADVAL_TEST(negint), BADVAL_TEST(badu64), + BADVAL_TEST(dbl1), + BADVAL_TEST(dbl2), BADVAL_TEST(badcsvi1), BADVAL_TEST(badcsvi2), BADVAL_TEST(nonoption),