Number attr's possible parse problem

2011-10-21
2013-05-20
  • I've been using tinyXML for quite some time (and think it's fantastic!) but have a question about a potential problem with numerical attribute parsing. I wasn't sure whether to post to developer or this forum, so I'll go with this to alert other users of this problem.

    The code currently uses sscanf (or some variant) to parse the attribute string. For floats/doubles it is %lf, which excludes the possibility of something like 6.023e23. What's worse is that this could potentially fail silently since it can convert 6.023 to a double just fine (IIRC scanf and variants ignore extra text when converting)… but clearly this is not the full attribute value.

    I've encountered this problem on other hand-coded parsers. Using %g/G will solve this problem since %g/G will attempt to grab the exponent field if present (if using g, it will look for e, and if using G it will look for E).

    Another potential problem is the attribute value 1x for integer values. Clearly, the x is extraneous but it means the type cannot be an integer. I've encountered this on another (hand-coded) parser where the user intended to type 1c as a hexadecimal value, but the parser silently failed by stopping numerical conversion partway through the token…

    Not sure how strict you want to be on this stuff with tinyXML. If anyone else thinks these need to be caught, I'm happy to raise a ticket, and submit fixes (since yours truly has had to solve those problems several times).

    Note that I'm using 2.6.2 now but suspect these possible problems have been there for some time…