Submitter:Fred Tydeman
Submission Date: 2018-12-12
Document: WG14 N2320
Reference Documents: N2301
Summary
There is no way for a user's application to control what is output for a NaN or an infinity (the standard allows two styles for each).
There is no way for a user's application to limit the number of characters in the NaN(n-char-sequence); the standard imposes no upper limit.
Technical Corrigendum:
Change §7.21.6.1#4, precision bullet from:
An optional precision that gives the minimum number of digits to appear for the d, i, o, u, x, and X conversions, the number of digits to appear after the decimal-point character for a, A, e, E, f, and F conversions, the maximum number of significant digits for the g and G conversions, or the maximum number of bytes to be written for s conversions. The precision takes the form of a period (.) followed either by an asterisk * (described later) or by an optional nonnegative decimal integer; if only the period is specified, the precision is taken as zero. If a precision appears with any other conversion specifier, the behavior is undefined.
to:
An optional precision that gives the minimum number of digits to appear for the d, i, o, u, x, and X conversions, the number of digits (for finite values) to appear after the decimal-point character for a, A, e, E, f, and F conversions, the maximum number of significant digits (for finite values) for the g and G conversions, the maximum number of characters for NaN or infinity values for a, A, e, E, f, F, g, and G conversions, or the maximum number of bytes to be written for s conversions. The precision takes the form of a period (.) followed either by an asterisk * (described later) or by an optional nonnegative decimal integer; if only the period is specified, the precision is taken as zero. If a precision appears with any other conversion specifier, the behavior is undefined.
Change in §7.21.6.1#8, f,F bullet from:
A double argument representing an infinity is converted in one of the styles [-]inf or [-]infinity - which style is implementation-defined. A double argument representing a NaN is converted in one of the styles [-]nan or [-]nan(n-char-sequence) - which style, and the meaning of any n-char-sequence, is implementation-defined. The F conversion specifier produces INF, INFINITY, or NAN instead of inf, infinity, or nan, respectively.283)
to:
A double argument representing an infinity is convertedin one of the stylesto [-]inf if the precision less than nine, otherwise toor[-]infinity - if the precision is omitted, thewhichstyle is implementation-defined. A double argument representing a NaN is convertedin one of the stylesto [-]nan if the precision less than nine, otherwise toor[-]nan(n-char-sequence) - if the precision is omitted, the style is implementation-defined;which style, andthe meaning of any n-char-sequence is implementation-defined. The F conversion specifier produces INF, INFINITY, or NAN instead of inf, infinity, or nan, respectively.283) A precision less than four is taken as four for NaNs and infinity values.
Change §7.29.2.1#4, precision bullet from:
An optional precision that gives the minimum number of digits to appear for the d, i, o, u, x, and X conversions, the number of digits to appear after the decimal-point wide character for a, A, e, E, f, and F conversions, the maximum number of significant digits for the g and G conversions, or the maximum number of wide characters to be written for s conversions. The precision takes the form of a period (.) followed either by an asterisk * (described later) or by an optional nonnegative decimal integer; if only the period is specified, the precision is taken as zero. If a precision appears with any other conversion specifier, the behavior is undefined.
to:
An optional precision that gives the minimum number of digits to appear for the d, i, o, u, x, and X conversions, the number of digits (for finite values) to appear after the decimal-point wide character for a, A, e, E, f, and F conversions, the maximum number of significant digits (for finite values) for the g and G conversions, the maximum number of wide characters for NaN or infinity values for a, A, e, E, f, F, g, and G conversions, or the maximum number of wide characters to be written for s conversions. The precision takes the form of a period (.) followed either by an asterisk * (described later) or by an optional nonnegative decimal integer; if only the period is specified, the precision is taken as zero. If a precision appears with any other conversion specifier, the behavior is undefined.
Change in §7.29.2.1#8, f,F bullet from:
A double argument representing an infinity is converted in one of the styles [-]inf or [-]infinity - which style is implementation-defined. A double argument representing a NaN is converted in one of the styles [-]nan or [-]nan(n-wchar-sequence) - which style, and the meaning of any n-wchar-sequence, is implementation-defined. The F conversion specifier produces INF, INFINITY, or NAN instead of inf, infinity, or nan, respectively.338)
to:
A double argument representing an infinity is convertedin one of the stylesto [-]inf if the precision less than nine, otherwise toor[-]infinity - if the precision is omitted, thewhichstyle is implementation-defined. A double argument representing a NaN is convertedin one of the stylesto [-]nan if the precision less than nine, otherwise toor[-]nan(n-wchar-sequence) - if the precision is omitted, the style is implementation-defined;which style, andthe meaning of any n-wchar-sequence is implementation-defined. The F conversion specifier produces INF, INFINITY, or NAN instead of inf, infinity, or nan, respectively.338) A precision less than four is taken as four for NaNs and infinity values.
Change §J.3.12
- The style used to print an infinity or NaN, and the meaning of any n-char or n-wchar sequence printed for a NaN (7.21.6.1, 7.29.2.1).
to:
- The style used to print an infinity or NaN (if the precision is omitted), and the meaning of any n-char or n-wchar sequence printed for a NaN (7.21.6.1, 7.29.2.1).
An alternative (which gives the user no control on the output, but fixes the security hole) to all of the above is:
Add to §7.21 <stdio.h>, paragraph 3 [macros],
_MAX_PRINTF_NANwhich expands to an integer constant expression (suitable for use in #if preprocessing directives) that is the maximum number of characters output for any [-]NAN(n-char-sequence) [footnote].
[footnote]If the implementation only uses the [-]NAN style, then _MAX_PRINTF_NAN would have the value 4.
If we choose this alternative, do we want a maximum (such as 255) for _MAX_PRINTF_NAN?