[issue44954] Bug in float.fromhex
Mark Dickinson
report at bugs.python.org
Thu Aug 19 08:29:06 EDT 2021
Mark Dickinson <dickinsm at gmail.com> added the comment:
The bug is in this line:
https://github.com/python/cpython/blob/3db42fc5aca320b0cac1895bc3cb731235ede794/Objects/floatobject.c#L1467
which reads:
(half_eps == 8 && (HEX_DIGIT(key_digit+1) & 1) != 0))
In the buggy case, key_digit=0 and the HEX_DIGIT macro is trying to retrieve the value of the second-to-least significant hex digit in the coefficient, to decide whether it's odd or not. For the "0x0.8" case it retrieves the "0". For the "0x.8" case, it retrieves the "x" and tries to interpret it as a hex digit.
Even worse, if we exclude the "0x" prefix, as in `float.fromhex(".8p-1074")`, `HEX_DIGIT(1)` is accessing memory that doesn't belong to the string.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue44954>
_______________________________________
More information about the Python-bugs-list
mailing list