From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <imun@tarantool.org>
Received: from smtpng1.m.smailru.net (smtpng1.m.smailru.net [94.100.181.251])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits)) (No client certificate requested)
 by dev.tarantool.org (Postfix) with ESMTPS id 8017E469719
 for <tarantool-patches@dev.tarantool.org>;
 Thu,  5 Mar 2020 12:41:56 +0300 (MSK)
Date: Thu, 5 Mar 2020 12:36:34 +0300
From: Igor Munkin <imun@tarantool.org>
Message-ID: <20200305093634.GB404@tarantool.org>
References: <62003dc4b5a3672d02c3ec599b5ecb65a557d6b5.1581635592.git.imun@tarantool.org>
 <20200305074939.f2ucx2acn2phm2kc@tarantool.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20200305074939.f2ucx2acn2phm2kc@tarantool.org>
Subject: Re: [Tarantool-patches] [PATCH luajit] Make string to number
 conversions fail on NUL char
List-Id: Tarantool development patches <tarantool-patches.dev.tarantool.org>
List-Unsubscribe: <https://lists.tarantool.org/mailman/options/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=unsubscribe>
List-Archive: <https://lists.tarantool.org/pipermail/tarantool-patches/>
List-Post: <mailto:tarantool-patches@dev.tarantool.org>
List-Help: <mailto:tarantool-patches-request@dev.tarantool.org?subject=help>
List-Subscribe: <https://lists.tarantool.org/mailman/listinfo/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=subscribe>
To: Kirill Yukhin <kyukhin@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org

Kirill,

Thanks! As you reminded, here is a ChangeLog entry:

@ChangeLog:
* Fixed string to number conversion: current implementation respects the
  buffer length (gh-4773).

On 05.03.20, Kirill Yukhin wrote:
> Hello,
> On 14 фев 02:57, Igor Munkin wrote:
> > The routine used for conversion a string representation to number
> > (lj_strscan_scan) doesn't respect the size of the given string/buffer.
> > Such behaviour leads to the following results:
> > 
> > | local a = tonumber("inf\x00imun")   -- the result is 'inf'
> > | local b = tonumber("\x36\x00\x80") -- the result is 6
> > 
> > The behaviour described above is similar to the one vanila Lua 5.1 has:
> > 
> > | $ ./lua -e 'print(_VERSION, tonumber("inf"..string.char(0).."imun"))'
> > | Lua 5.1	inf
> > 
> > However, the issue is fixed in Lua 5.2 and the results are the following:
> > | $ ./lua -e 'print(_VERSION, tonumber("inf"..string.char(0).."imun"))'
> > | Lua 5.2	nil
> > 
> > The patch introduces additional parameter to lj_strscan_scan routine to
> > detect whether there is nothing left after the null character.
> > 
> > Relates to tarantool#4773
> > 
> > Reported-by: Alexander Turenko <alexander.turenko@tarantool.org>
> > Signed-off-by: Igor Munkin <imun@tarantool.org>
> 
> I've checked your patch inti tarantool/luajit repo and
> bumped new version in 1.10, 2.2, 2.3 and master.
> 
> --
> Regards, Kirill Yukhin

Added to the corresponding release notes.

-- 
Best regards,
IM