Bug 516396: Remove the incorrect input string length check because the
authorwtc%google.com
Sun, 04 Oct 2009 01:00:41 +0000
changeset 4164 f80658abcfd9229e79786ba5119f01c17e1379ab
parent 4163 bbbc9624260017db8a6fee181f8beedb6d9376dc
child 4165 c25496f167365d77c5329924794d42814c4a9214
bugs516396
Bug 516396: Remove the incorrect input string length check because the length limit should apply to only the number part of the input, rather than the whole string. Do the length check during conversion.
pr/src/misc/prdtoa.c
--- a/pr/src/misc/prdtoa.c
+++ b/pr/src/misc/prdtoa.c
@@ -1635,23 +1635,16 @@ PR_strtod
 	int rounding;
 #endif
 #ifdef USE_LOCALE
 	CONST char *s2;
 #endif
 
 	if (!_pr_initialized) _PR_ImplicitInitialization();
 
-	for(s = s00, i = 0; *s && i < 64 * 1024; s++, i++)
-		;
-	if (*s) {
-		PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
-		return 0.0;
-		}
-
 	sign = nz0 = nz = 0;
 	dval(rv) = 0.;
 	for(s = s00;;s++) switch(*s) {
 		case '-':
 			sign = 1;
 			/* no break */
 		case '+':
 			if (*++s)
@@ -1767,16 +1760,18 @@ PR_strtod
 					e = -e;
 				}
 			else
 				e = 0;
 			}
 		else
 			s = s00;
 		}
+	if (nd > 64 * 1024)
+		goto ret0;
 	if (!nd) {
 		if (!nz && !nz0) {
 #ifdef INFNAN_CHECK
 			/* Check for Nan and Infinity */
 			switch(c) {
 			  case 'i':
 			  case 'I':
 				if (match(&s,"nf")) {
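Review bot: The new test `if (nd > 64 * 1024)` uses a bare literal with no comment saying what the limit protects or why it is measured in digits rather than input bytes. A short comment would help, for example `/* Reject numbers with more than 64K significant digits; leading zeros and the exponent are not counted in nd. */`, ideally with the value moved to a named constant. The check also runs only after the digit-scanning loops have finished, and those loops are outside this hunk, so it cannot be confirmed from here that the `int` counter `nd` stays in range for very long inputs; it is worth confirming that the loops cannot wrap it before this comparison.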
@@ -1797,16 +1792,17 @@ PR_strtod
 					if (*s == '(') /*)*/
 						hexnan(&rv, &s);
 #endif
 					goto ret;
 					}
 			  }
 #endif /* INFNAN_CHECK */
  ret0:
+			PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
 			s = s00;
 			sign = 0;
 			}
 		goto ret;
 		}
 	e1 = e -= nf;
 
 	/* Now we have nd0 digits, starting at s0, followed by a
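Review bot: The `PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);` added under `ret0:` runs on every path that reaches the label, not only on the new over-length jump. That includes the fall-through from `if (!nz && !nz0)` when the input contains no digits. In the removed code the error was set only for the length check, so callers that inspect the error after parsing plain non-numeric text may now see a failure they did not see before. If that is intended, document it at the label, for example `/* ret0: no conversion performed; also reached for over-long digit strings */`. Otherwise set the error at the length check instead, `if (nd > 64 * 1024) { PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0); goto ret0; }`. The enclosing `if (!nd)` block opens before this hunk.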