Page 1 of 1
Val Overflow bug
Posted: Thu Dec 21, 2023 9:03 pm
by kevinwnz
I just seen a video on the val overflow bug and tried it on the x16 emulator and the bug is present
if you have more than 38 character in the val function it gives overflow error and truncate the line
below is the example of the bug
10 A$ = Val("1E39")
20 Print A$
Re: Val Overflow bug
Posted: Fri Dec 22, 2023 6:56 am
by Ser Olmy
The VAL function in non-enhanced versions of Microsoft Basic contains the most insane hack I've ever seen: In order to avoid copying a string constant to a null-terminated buffer, it null-terminates the constant in the actual program code by temporarily overwriting the last double-quote with a null, and then restores the quote afterwards.
Yes, VAL actually modifies your program at runtime, and unfortunately fails to undo the damage if the VAL operation fails due to an overflow.
Re: Val Overflow bug
Posted: Thu Dec 28, 2023 12:53 am
by TomXP411
Heh. I saw the same video today, and I have filed an issue in the ROMs repo.
Ser Olmy wrote: ↑Fri Dec 22, 2023 6:56 am
Yes, VAL actually modifies your program at runtime, and unfortunately fails to undo the damage if the VAL operation fails due to an overflow.
I believe the plan is to copy the input string to a temporary buffer, which will be null-terminated. So the VAL function will no longer modify data in place. It will take a few microseconds longer to run, but it will also not cause data or program corruption when it fails.