1 /* Copyright (c) 2002,2004,2005 Joerg Wunsch
2    Copyright (c) 2008  Dmitry Xmelkov
3    All rights reserved.
4 
5    Redistribution and use in source and binary forms, with or without
6    modification, are permitted provided that the following conditions are met:
7 
8    * Redistributions of source code must retain the above copyright
9      notice, this list of conditions and the following disclaimer.
10 
11    * Redistributions in binary form must reproduce the above copyright
12      notice, this list of conditions and the following disclaimer in
13      the documentation and/or other materials provided with the
14      distribution.
15 
16    * Neither the name of the copyright holders nor the names of
17      contributors may be used to endorse or promote products derived
18      from this software without specific prior written permission.
19 
20   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
24   LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   POSSIBILITY OF SUCH DAMAGE.
31 */
32 
33 #include <ctype.h>
34 #include <limits.h>
35 #include <math.h>
36 #include <stdarg.h>
37 #include <stddef.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <errno.h>
42 #include <stdbool.h>
43 #include "stdio_private.h"
44 
45 #if defined(_HAVE_BUILTIN_MUL_OVERFLOW) && defined(_HAVE_BUILTIN_ADD_OVERFLOW) && !defined(strtoi_signed)
46 #define USE_OVERFLOW
47 #endif
48 
49 static inline bool
ISSPACE(unsigned char c)50 ISSPACE(unsigned char c)
51 {
52     return ('\011' <= c && c <= '\015') || c == ' ';
53 }
54 
55 strtoi_type
strtoi(const char * __restrict nptr,char ** __restrict endptr,int ibase)56 strtoi(const char *__restrict nptr, char **__restrict endptr, int ibase)
57 {
58     unsigned int base = ibase;
59 
60     /* Check for invalid base value */
61     if (base > 36 || base == 1) {
62         errno = EINVAL;
63         if (endptr)
64             *endptr = (char *) nptr;
65         return 0;
66     }
67 
68 #define FLAG_NEG        0x1     /* Negative. Must be 1 for ucutoff below */
69 #define FLAG_OFLOW      0x2     /* Value overflow */
70 
71     const unsigned char *s = (const unsigned char *) nptr;
72     strtoi_type val = 0;
73     unsigned char flags = 0;
74     unsigned int i;
75 
76     /* Skip leading spaces */
77     do {
78         i = *s++;
79     } while (ISSPACE(i));
80 
81     /* Parse a leading sign */
82     switch (i) {
83     case '-':
84         flags = FLAG_NEG;
85 	FALLTHROUGH;
86     case '+':
87         i = *s++;
88     }
89 
90     /* Leading '0' digit -- check for base indication */
91     if (i == '0') {
92         if (TOLOW(*s) == 'x' && ((base | 16) == 16)) {
93             base = 16;
94             /* Parsed the '0' */
95             nptr = (const char *) s;
96             i = s[1];
97             s += 2;
98 	} else if (base == 0) {
99             base = 8;
100         }
101     } else if (base == 0) {
102         base = 10;
103     }
104 
105 #ifndef USE_OVERFLOW
106     /* Compute values used to detect overflow. */
107 #ifdef strtoi_signed
108     /* works because strtoi_min = (strtoi_type) ((strtoi_utype) strtoi_max + 1) */
109     strtoi_utype ucutoff = (strtoi_utype) strtoi_max + flags;
110     strtoi_type cutoff = ucutoff / base;
111     unsigned int cutlim = ucutoff % base;
112 #else
113     strtoi_type cutoff = strtoi_max / base;
114     unsigned int cutlim = strtoi_max % base;
115 #endif
116 #endif
117 
118     for(;;) {
119         i = digit_to_val(i);
120         /* detect invalid char */
121         if (i >= base)
122             break;
123 
124         /* Add the new digit, checking for overflow */
125 #ifdef USE_OVERFLOW
126         /*
127          * This isn't used for signed values as it's tricky and
128          * generates larger code. Yes, it avoids doing the divmod
129          * above, but we'll assume an app doing math with signed
130          * values will probably end up doing a divide somewhere
131          */
132         if (__builtin_mul_overflow(val, (strtoi_type) base, &val) ||
133             __builtin_add_overflow(val, (strtoi_type) i, &val))
134         {
135             flags |= FLAG_OFLOW;
136         }
137 #else
138         if (val > cutoff || (val == cutoff && i > cutlim))
139             flags |= FLAG_OFLOW;
140         val = val * (strtoi_type) base + (strtoi_type) i;
141 #endif
142         /* Parsed another digit */
143         nptr = (const char *) s;
144         i = *s++;
145     }
146 
147     /* Mark the end of the parsed region */
148     if (endptr != NULL)
149         *endptr = (char *) nptr;
150 
151     if (flags & FLAG_NEG)
152         val = -val;
153 
154     if (flags & FLAG_OFLOW) {
155 #ifdef strtoi_signed
156         val = (strtoi_type) ucutoff;
157 #else
158         val = strtoi_max;
159 #endif
160         errno = ERANGE;
161     }
162 
163     return val;
164 }
165