Bug 5487 - More intelligent exponentiation in strtod/strtol
Status: RESOLVED FIXED
Alias: None
Product: ioquake3
Classification: Unclassified
Component: Misc
Version: unspecified
Hardware: PC Linux
Importance: P3 trivial
Assignee: Zachary J. Slater
QA Contact: ioquake3 bugzilla mailing list
 
Reported: 2012-04-06 18:47 EDT by Ben Millwood
Modified: 2012-07-01 12:45:44 EDT

Attachments
faster exponentiation for bg_lib.c (3.76 KB, patch)
2012-04-06 18:49 EDT, Ben Millwood

Description Ben Millwood 2012-04-06 18:47:25 EDT
Originally I was concerned that the linear-time exponentiation in strtod/strtol was a security flaw: parsing a number with a really big exponent would take really long, acting as a DoS attack.

However, the current implementation checks for overflow and underflow and hence I can't see a way to get the loop to run more than a few hundred times, so there doesn't seem to be any security risk after all. Nevertheless, by the time I worked this out I'd already written a more intelligent exponentiation function, so here it is.

Thanks to kevlarman for making me find the iterative instead of the recursive version.
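
The linear loop the report describes, next to an iterative square-and-multiply version, as an added example that is neither the attached patch nor ioquake3's bg_lib.c code. The function names are hypothetical, and only positive decimal exponents on IEEE 754 doubles are modelled.

```c
#include <float.h>
#include <math.h>
#include <stdio.h>

/* Model of the linear approach: one multiply per unit of decimal exponent.
 * The overflow check ends the loop early, so *steps stays in the hundreds. */
double pow10_linear(unsigned long exp10, unsigned long *steps)
{
    double value = 1.0;
    for (*steps = 0; exp10 > 0; exp10--, (*steps)++) {
        if (value > DBL_MAX / 10.0)
            return HUGE_VAL;
        value *= 10.0;
    }
    return value;
}

/* Iterative square-and-multiply: one pass per bit of the exponent. */
double pow10_squaring(unsigned long exp10, unsigned long *steps)
{
    double result = 1.0, base = 10.0;
    *steps = 0;
    while (exp10 > 0) {
        (*steps)++;
        if (exp10 & 1) {
            if (result > DBL_MAX / base)
                return HUGE_VAL;
            result *= base;
        }
        exp10 >>= 1;
        /* A higher bit is still set, so an overflowing square overflows the result. */
        if (exp10 > 0) {
            if (base > DBL_MAX / base)
                return HUGE_VAL;
            base *= base;
        }
    }
    return result;
}

int main(void)
{
    unsigned long exps[] = { 3, 308, 1000000000UL }, lin, sq;
    for (int i = 0; i < 3; i++) {
        double a = pow10_linear(exps[i], &lin), b = pow10_squaring(exps[i], &sq);
        printf("1e%lu: linear %g (%lu steps), squaring %g (%lu steps)\n", exps[i], a, lin, b, sq);
    }
    return 0;
}
```

For an exponent of 1000000000 the linear model stops after 308 multiplications because the overflow check fires, which matches the report's "a few hundred times" bound; the squaring version stops after 9 passes.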
Comment 1 Ben Millwood 2012-04-06 18:49:33 EDT
Created attachment 3126
faster exponentiation for bg_lib.c

Patch failed to attach the first time, trying again...
Comment 2 Thilo Schulz 2012-07-01 12:45:44 EDT
committed. If this breaks anything, I'll have you tarred and feathered :-)