Coverage Report

Created: 2025-12-31 06:57

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/mysql-server/mysys/str2int.cc
Line
Count
Source
1
/* Copyright (c) 2000, 2025, Oracle and/or its affiliates.
2
3
   This program is free software; you can redistribute it and/or modify
4
   it under the terms of the GNU General Public License, version 2.0,
5
   as published by the Free Software Foundation.
6
7
   This program is designed to work with certain software (including
8
   but not limited to OpenSSL) that is licensed under separate terms,
9
   as designated in a particular file or component or in included license
10
   documentation.  The authors of MySQL hereby grant you an additional
11
   permission to link the program and your derivative works with the
12
   separately licensed software that they have either included with
13
   the program or referenced in the documentation.
14
15
   Without limiting anything contained in the foregoing, this file,
16
   which is part of C Driver for MySQL (Connector/C), is also subject to the
17
   Universal FOSS Exception, version 1.0, a copy of which can be found at
18
   http://oss.oracle.com/licenses/universal-foss-exception.
19
20
   This program is distributed in the hope that it will be useful,
21
   but WITHOUT ANY WARRANTY; without even the implied warranty of
22
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23
   GNU General Public License, version 2.0, for more details.
24
25
   You should have received a copy of the GNU General Public License
26
   along with this program; if not, write to the Free Software
27
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
28
29
/*
30
  str2int(src, radix, lower, upper, &val)
31
  converts the string pointed to by src to an integer and stores it in
32
  val.  It skips leading spaces and tabs (but not newlines, formfeeds,
33
  backspaces), then it accepts an optional sign and a sequence of digits
34
  in the specified radix.  The result should satisfy lower <= *val <= upper.
35
  The result is a pointer to the first character after the number;
36
  trailing spaces will NOT be skipped.
37
38
  If an error is detected, the result will be nullptr, the value put
39
  in val will be 0, and errno will be set to
40
        EDOM  if there are no digits
41
        ERANGE  if the result would overflow or otherwise fail to lie
42
                within the specified bounds.
43
  Check that the bounds are right for your machine.
44
  This looks amazingly complicated for what you probably thought was an
45
  easy task.  Coping with integer overflow and the asymmetric range of
46
  twos complement machines is anything but easy.
47
48
  So that users of atoi and atol can check whether an error occurred,
49
  I have taken a wholly unprecedented step: errno is CLEARED if this
50
  call has no problems.
51
*/
52
53
#include "str2int.h"
54
55
#include <cerrno>
56
#include <climits>
57
58
#include "mysql/strings/m_ctype.h"
59
60
#define char_val(X)                      \
61
0
  (X >= '0' && X <= '9'   ? X - '0'      \
62
0
   : X >= 'A' && X <= 'Z' ? X - 'A' + 10 \
63
0
   : X >= 'a' && X <= 'z' ? X - 'a' + 10 \
64
0
                          : '\177')
65
66
const char *str2int(const char *src, int radix, long int lower, long int upper,
67
0
                    long int *val) {
68
0
  int sign;   /* is number negative (+1) or positive (-1) */
69
0
  int n;      /* number of digits yet to be converted */
70
0
  long limit; /* "largest" possible valid input */
71
0
  long scale; /* the amount to multiply next digit by */
72
0
  long sofar; /* the running value */
73
0
  int d;      /* (negative of) next digit */
74
0
  const char *start;
75
0
  int digits[32]; /* Room for numbers */
76
77
  /*  Make sure *val is sensible in case of error  */
78
79
0
  *val = 0;
80
81
  /*  Check that the radix is in the range 2..36  */
82
83
#ifndef NDEBUG
84
  if (radix < 2 || radix > 36) {
85
    errno = EDOM;
86
    return nullptr;
87
  }
88
#endif
89
90
  /*  The basic problem is: how do we handle the conversion of
91
      a number without resorting to machine-specific code to
92
      check for overflow?  Obviously, we have to ensure that
93
      no calculation can overflow.  We are guaranteed that the
94
      "lower" and "upper" arguments are valid machine integers.
95
      On sign-and-magnitude, twos-complement, and ones-complement
96
      machines all, if +|n| is representable, so is -|n|, but on
97
      twos complement machines the converse is not true.  So the
98
      "maximum" representable number has a negative representative.
99
      Limit is set to min(-|lower|,-|upper|); this is the "largest"
100
      number we are concerned with. */
101
102
  /*  Calculate Limit using Scale as a scratch variable  */
103
104
0
  if ((limit = lower) > 0) limit = -limit;
105
0
  if ((scale = upper) > 0) scale = -scale;
106
0
  if (scale < limit) limit = scale;
107
108
  /*  Skip leading spaces and check for a sign.
109
      Note: because on a 2s complement machine MinLong is a valid
110
      integer but |MinLong| is not, we have to keep the current
111
      converted value (and the scale!) as *negative* numbers,
112
      so the sign is the opposite of what you might expect.
113
      */
114
0
  while (my_isspace(&my_charset_latin1, *src)) src++;
115
0
  sign = -1;
116
0
  if (*src == '+')
117
0
    src++;
118
0
  else if (*src == '-')
119
0
    src++, sign = 1;
120
121
  /*  Skip leading zeros so that we never compute a power of radix
122
      in scale that we won't have a need for.  Otherwise sticking
123
      enough 0s in front of a number could cause the multiplication
124
      to overflow when it neededn't.
125
      */
126
0
  start = src;
127
0
  while (*src == '0') src++;
128
129
  /*  Move over the remaining digits.  We have to convert from left
130
      to left in order to avoid overflow.  Answer is after last digit.
131
      */
132
133
0
  for (n = 0; (digits[n] = char_val(*src)) < radix && n < 20; n++, src++)
134
0
    ;
135
136
  /*  Check that there is at least one digit  */
137
138
0
  if (start == src) {
139
0
    errno = EDOM;
140
0
    return nullptr;
141
0
  }
142
143
  /*  The invariant we want to maintain is that src is just
144
      to the right of n digits, we've converted k digits to
145
      sofar, scale = -radix**k, and scale < sofar < 0.  Now
146
      if the final number is to be within the original
147
      Limit, we must have (to the left)*scale+sofar >= Limit,
148
      or (to the left)*scale >= Limit-sofar, i.e. the digits
149
      to the left of src must form an integer <= (Limit-sofar)/(scale).
150
      In particular, this is true of the next digit.  In our
151
      incremental calculation of Limit,
152
153
      IT IS VITAL that (-|N|)/(-|D|) = |N|/|D|
154
      */
155
156
0
  for (sofar = 0, scale = -1; --n >= 1;) {
157
0
    if ((long)-(d = digits[n]) < limit) {
158
0
      errno = ERANGE;
159
0
      return nullptr;
160
0
    }
161
0
    limit = (limit + d) / radix, sofar += d * scale;
162
0
    scale *= radix;
163
0
  }
164
0
  if (n == 0) {
165
0
    if ((long)-(d = digits[n]) < limit) /* get last digit */
166
0
    {
167
0
      errno = ERANGE;
168
0
      return nullptr;
169
0
    }
170
0
    sofar += d * scale;
171
0
  }
172
173
  /*  Now it might still happen that sofar = -32768 or its equivalent,
174
      so we can't just multiply by the sign and check that the result
175
      is in the range lower..upper.  All of this caution is a right
176
      pain in the neck.  If only there were a standard routine which
177
      says generate thus and such a signal on integer overflow...
178
      But not enough machines can do it *SIGH*.
179
      */
180
0
  if (sign < 0) {
181
0
    if (sofar < -LONG_MAX || (sofar = -sofar) > upper) {
182
0
      errno = ERANGE;
183
0
      return nullptr;
184
0
    }
185
0
  } else if (sofar < lower) {
186
0
    errno = ERANGE;
187
0
    return nullptr;
188
0
  }
189
0
  *val = sofar;
190
  errno = 0; /* indicate that all went well */
191
0
  return src;
192
0
}