summaryrefslogtreecommitdiff
path: root/strings/my_strtoll10.c
diff options
context:
space:
mode:
authorJoao Gramacho <joao.gramacho@oracle.com>2013-07-31 17:54:40 +0100
committerJoao Gramacho <joao.gramacho@oracle.com>2013-07-31 17:54:40 +0100
commite5a1966bca33a58fb86c557375b93fc04b9c7202 (patch)
tree4494dcf8721ff4d0f36d1d5aadc3681f98d2652e /strings/my_strtoll10.c
parent592a2b2a94c85fbf1199276789efd32c73ab41f1 (diff)
downloadmariadb-git-e5a1966bca33a58fb86c557375b93fc04b9c7202.tar.gz
Bug#16997513 MY_STRTOLL10 ACCEPTING OVERFLOWED UNSIGNED LONG LONG VALUES AS NORMAL ONES
Problem: ======= It was detected an incorrect behavior of my_strtoll10 function when converting strings with numbers in the following format: "184467440XXXXXXXXXYY" Where XXXXXXXXX > 737095516 and YY <= 15 Samples of problematic numbers: "18446744073709551915" "18446744073709552001" Instead of returning the larger unsigned long long value and setting overflow in the returned error code, my_strtoll10 function returns the lower 64-bits of the evaluated number and did not set overflow in the returned error code. Analysis: ======== Once trying to fix bug 16820156, I've found this bug in the overflow check of my_strtoll10 function. This function, once receiving a string with an integer number larger than 18446744073709551615 (the larger unsigned long long number) should return the larger unsigned long long number and set overflow in the returned error code. Because of a wrong overflow evaluation, the function didn't catch the overflow cases where (i == cutoff) && (j > cutoff2) && (k <= cutoff3). When the overflow evaluation fails, the function return the lower 64-bits of the evaluated number and do not set overflow in the returned error code. Fix: === Corrected the overflow evaluation in my_strtoll10.
Diffstat (limited to 'strings/my_strtoll10.c')
-rw-r--r--strings/my_strtoll10.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/strings/my_strtoll10.c b/strings/my_strtoll10.c
index 0f94302fdeb..2b9dc6f44bf 100644
--- a/strings/my_strtoll10.c
+++ b/strings/my_strtoll10.c
@@ -206,8 +206,8 @@ longlong my_strtoll10(const char *nptr, char **endptr, int *error)
goto overflow;
/* Check that we didn't get an overflow with the last digit */
- if (i > cutoff || (i == cutoff && ((j > cutoff2 || j == cutoff2) &&
- k > cutoff3)))
+ if (i > cutoff || (i == cutoff && (j > cutoff2 || (j == cutoff2 &&
+ k > cutoff3))))
goto overflow;
li=i*LFACTOR2+ (ulonglong) j*100 + k;
return (longlong) li;