On Fri, 3 Jan 2014, Justin Maggard wrote:
It looks like the intent of the aforementioned commit is to just avoid doing
any validation on the "total" value. Is that desired? Or do we need to
step through the data and validate with something like ISDIGIT()?
Ugh! It seems like a really stupid change there (by me). I think the loop
should be fixed to instead be something like:
while(ISSPACE(*endptr))
endptr++;
while(ISDIGIT(*endptr))
endptr++;
to first skip white space and then all digits following that, like
curlx_strtoofft() would.
You agree?
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
