[PATCH] cgit: use strtol_i instead of atoi
john at keeping.me.uk
Wed May 13 15:41:24 CEST 2015
On Wed, May 13, 2015 at 03:35:29PM +0200, Jason A. Donenfeld wrote:
> Anybody have any objections to this? In some cases it's slightly more
> verbose, but otherwise, I can't see any downsides.
It's worse if there is trailing data. Since there's nothing obvious we
can do if the input is bad, I'm not sure how much we care (i.e. ignoring
the return value from strtol_i is OK) but whereas atoi will parse a
valid value followed by trailing garbage strtol_i will just fail.
Worse than that, if it fails it leaves the result uninitialized, which
doesn't matter in the cases where we just update a variable, but at
least one part of this patch introduces a new variable that is not set
if strtol_i fails.
More information about the CGit