On Fri, Jan 3, 2014 at 2:44 PM, Daniel Stenberg <[email protected]> wrote: > On Fri, 3 Jan 2014, Justin Maggard wrote: > >> It looks like the intent of the aforementioned commit is to just avoid >> doing any validation on the "total" value. Is that desired? Or do we need >> to step through the data and validate with something like ISDIGIT()? > > > Ugh! It seems like a really stupid change there (by me). I think the loop > should be fixed to instead be something like: > > while(ISSPACE(*endptr)) > endptr++; > while(ISDIGIT(*endptr)) > endptr++; > > to first skip white space and then all digits following that, like > curlx_strtoofft() would. > > You agree? >
Yes, I agree. That looks reasonable to me. -Justin ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
