develooper Front page | perl.perl5.porters | Postings from December 2000

Re: strtoul (was Re: [PATCH] Fcntl constants speedup)

Thread Previous | Thread Next
Nicholas Clark
December 19, 2000 15:57
Re: strtoul (was Re: [PATCH] Fcntl constants speedup)
Message ID:
On Tue, Dec 19, 2000 at 04:39:32PM +0000, Nick Ing-Simmons wrote:
> Jarkko Hietaniemi <> writes:
> >> >As long as we don't mind losing locale based number grouping (whatever
> >> >that is, but it's compiled in in my copy of strtol - I disassembled it
> >> >and can see the pattern of code that's doing it)
> >> 
> >> We only loose "locale based number grouping" for things that "look
> >> like numbers" in perl's view - so do we really loose anything?
> >
> >We gain more warnings if the system's strtoul() didn't use to complain
> >about things like "1,234,567" and nicely returned 1234567.  Search
> >perllocale for 'grouping', and see localeconv(3).
> But I don't see where looks_like_number() lets things with ',' in through
> to be converted ... 

Hmm. But right now what's stopping the string "123.456" looking like a
number that is assessed as "can be correctly converted by strtol() to the
nearest integer 123, but is actually not an integer"
So sv_2iv passes it to strtol, which then honours the locale settings,
where "," is the decimal separator and "." the grouping character, and
the answer 123456 comes back.

Now it becomes very clear why locales are considered tainted, and carry
a health warning on 20% of the packet and adverts.

Does this mean that SVs should become tainted if the undergo string to
numeric conversion while locales are in effect?
Is that enough? Should we go the whole hog and advise people that near
total security can be obtained by only running programs with the power
turned off and all cables disconnected from the machine.

Seriously, I take it "123.456" becoming 123456 is a nasty gotcha we might
do well to stamp on, rather than a desirable feature?

Nicholas Clark

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About