From cd0da1ae5e0b4c44226bb4a4493b790879769aea Mon Sep 17 00:00:00 2001 From: Andreas Molzer Date: Fri, 30 Aug 2019 22:27:32 +0200 Subject: [PATCH] Fix num parsing for invalid multi-byte sign chars Ensure that splitting the potential sign character from the remainder respects UTF8 boundaries. This lets invalid characters fail correctly with an error, instead of panicking. --- src/lib.rs | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/lib.rs b/src/lib.rs index 172e714..6641a3a 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -216,7 +216,12 @@ macro_rules! float_trait_impl { } fn slice_shift_char(src: &str) -> Option<(char, &str)> { - src.chars().nth(0).map(|ch| (ch, &src[1..])) + let mut chars = src.chars(); + if let Some(ch) = chars.next() { + Some((ch, chars.as_str())) + } else { + None + } } let (is_positive, src) = match slice_shift_char(src) { @@ -395,6 +400,15 @@ fn from_str_radix_unwrap() { assert_eq!(f, 0.0); } +#[test] +fn from_str_radix_multi_byte_fail() { + // Ensure parsing doesn't panic, even on invalid sign characters + assert!(f32::from_str_radix("™0.2", 10).is_err()); + + // Even when parsing the exponent sign + assert!(f32::from_str_radix("0.2E™1", 10).is_err()); +} + #[test] fn wrapping_is_num() { fn require_num(_: &T) {}