Bug#232430: marked as done (libc6: strtof is completelly broken, garbage is returned)
Your message dated Sat, 14 Feb 2004 20:30:19 -0500
with message-id <20040215013019.GA19107@nevyn.them.org>
and subject line Bug#232430: libc6: strtof is completelly broken, garbage is returned
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 12 Feb 2004 17:45:00 +0000
>From rgs@linalco.com Thu Feb 12 09:45:00 2004
Return-path: <rgs@linalco.com>
Received: from 30.red-80-36-33.pooles.rima-tde.net (filemon.linalco-es) [80.36.33.30]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1ArKtX-0001e1-00; Thu, 12 Feb 2004 09:45:00 -0800
Received: from rgs by filemon.linalco-es with local (Exim 3.36 #1 (Debian))
id 1ArKsz-00015h-00; Thu, 12 Feb 2004 18:44:26 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Roberto Gordo Saez <rgs@linalco.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libc6: strtof is completelly broken, garbage is returned
X-Mailer: reportbug 2.43
Date: Thu, 12 Feb 2004 18:44:25 +0100
Sender: Roberto Gordo Saez <rgs@linalco.com>
Message-Id: <[🔎] E1ArKtX-0001e1-00@spohr.debian.org>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_02_12
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=HAS_PACKAGE autolearn=no
version=2.60-bugs.debian.org_2004_02_12
X-Spam-Level:
Package: libc6
Version: 2.3.2.ds1-11
Severity: important
The function strtof does not work at all, it always returns garbage.
Many programs are silently broken by this bug. This small
example will return a random number, without using rand :-)
#include <stdlib.h>
#include <stdio.h>
#include <stddef.h>
int main (void)
{
printf ("%f\n", strtof ("5E+2", NULL));
return 0;
}
Actually, the value returned by strtof seems to come from a pointer
freely walking through the stack; declaring a new, unused variable
sometimes makes a different value returned, like in this case:
int main (void)
{
int a;
printf ("%f\n", strtof ("5E+2", NULL));
return 0;
}
Is not Debian specific. Tested on Red Hat Advanced Server 2.1, Gentoo
and Debian Sid (powerpc and x86). Many glibc versions are affected, not
only this one. Probably there are no security implications, but still
not tested.
It is not something new:
http://mail.gnu.org/archive/html/bug-glibc/2002-03/msg00336.html
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.2
Locale: LANG=en_US, LC_CTYPE=en_US
Versions of packages libc6 depends on:
ii libdb1-compat 2.1.3-7 The Berkeley database routines [gl
-- no debconf information
---------------------------------------
Received: (at 232430-done) by bugs.debian.org; 15 Feb 2004 01:30:23 +0000
>From drow@crack.them.org Sat Feb 14 17:30:22 2004
Return-path: <drow@crack.them.org>
Received: from nevyn.them.org [66.93.172.17] (Debian-exim)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AsB70-0000Ox-00; Sat, 14 Feb 2004 17:30:22 -0800
Received: from drow by nevyn.them.org with local (Exim 4.30 #1 (Debian))
id 1AsB6x-0004yx-KV; Sat, 14 Feb 2004 20:30:19 -0500
Date: Sat, 14 Feb 2004 20:30:19 -0500
From: Daniel Jacobowitz <dan@debian.org>
To: Roberto Gordo Saez <rgs@linalco.com>, 232430-done@bugs.debian.org
Subject: Re: Bug#232430: libc6: strtof is completelly broken, garbage is returned
Message-ID: <20040215013019.GA19107@nevyn.them.org>
References: <[🔎] E1ArKtX-0001e1-00@spohr.debian.org> <[🔎] 20040212184152.GA8504@nevyn.them.org> <[🔎] E1ArNKS-0003q3-00@spohr.debian.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[🔎] E1ArNKS-0003q3-00@spohr.debian.org>
User-Agent: Mutt/1.5.1i
Delivered-To: 232430-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_02_12
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=HAS_BUG_NUMBER autolearn=no
version=2.60-bugs.debian.org_2004_02_12
X-Spam-Level:
On Thu, Feb 12, 2004 at 09:20:13PM +0100, Roberto Gordo Saez wrote:
> On Thu, Feb 12, 2004 at 01:41:53PM -0500, Daniel Jacobowitz wrote:
> > drow@nevyn:~% gcc -g -o stof stof.c -Wall
> > stof.c: In function `main':
> > stof.c:7: warning: implicit declaration of function `strtof'
> > stof.c:7: warning: double format, different type arg (arg 2)
> >
> > Always, always use compiler warnings when looking at a problem like
> > this one.
> >
> > According to stdlib.h strtof is only available in C99 mode. If I add
> > -std=c99 the program works. If you add -D_GNU_SOURCE, it probably will
> > work then also.
> >
> > At most the man page needs a note. It does already say:
> > CONFORMING TO
> > ANSI C describes strtod, C99 describes the other two functions.
>
> I was thinking that the default C mode for gcc was C99, but now i've
> discovered that it is really a mix of C90 and C99. This default mode
> annoys me... but you are totally right here, this bug should be closed.
>
> Can you believe that two persons were looking with gdb and were doing
> some more weird and deeper tests, and none of us thought into simply
> activating the warnings? :-)
Thanks for following up! Closing the bug.
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer
Reply to: