From: Rob Pike Date: Fri, 1 May 2015 22:33:08 +0000 (-0700) Subject: text/template/parse: huge integers are not floats X-Git-Tag: go1.5beta1~774 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=409420c08893dad4c112fc1a7fa2568cc0f8a98c;p=gostls13.git text/template/parse: huge integers are not floats Ideal constants in the template package are a little different from Go. This is a case that slipped through the cracks: A huge integer number was accepted as a floating-point number, but this loses precision and is confusing. Also, the code in the template package (as opposed to the parse package) wasn't expecting it. Root this out at the source: If an integer doesn't fit an int64 or uint64, complain right away. Change-Id: I375621e6f5333c4d53f053a3c84a9af051711b7a Reviewed-on: https://go-review.googlesource.com/9651 Reviewed-by: Russ Cox --- diff --git a/src/text/template/parse/node.go b/src/text/template/parse/node.go index 55c37f6dba..728181baae 100644 --- a/src/text/template/parse/node.go +++ b/src/text/template/parse/node.go @@ -592,6 +592,11 @@ func (t *Tree) newNumber(pos Pos, text string, typ itemType) (*NumberNode, error } else { f, err := strconv.ParseFloat(text, 64) if err == nil { + // If we parsed it as a float but it looks like an integer, + // it's a huge number too large to fit in an int. Reject it. + if !strings.ContainsAny(text, ".eE") { + return nil, fmt.Errorf("integer overflow: %q", text) + } n.IsFloat = true n.Float64 = f // If a floating-point extraction succeeded, extract the int if needed. diff --git a/src/text/template/parse/parse_test.go b/src/text/template/parse/parse_test.go index a2ca98b0b1..808f9a0b5e 100644 --- a/src/text/template/parse/parse_test.go +++ b/src/text/template/parse/parse_test.go @@ -69,6 +69,7 @@ var numberTests = []numberTest{ {text: "1+2."}, {text: "'x"}, {text: "'xx'"}, + {text: "'433937734937734969526500969526500'"}, // Integer too large - issue 10634. // Issue 8622 - 0xe parsed as floating point. Very embarrassing. {"0xef", true, true, true, false, 0xef, 0xef, 0xef, 0}, }