[xml/sgml-pkgs] Bug#947050: libxml2: string() is buggy on floating-point values

Vincent Lefevre vincent at vinc17.net
Fri Dec 20 02:04:19 GMT 2019 

Package: libxml2
Version: 2.9.4+dfsg1-8
Severity: important

Parsing floating-point numbers give incorrect values:

$ echo '<a/>' | xmllint --xpath "string(1.0999999999999999)" - ; echo
1.1

This is incorrect because of the following.

$ echo '<a/>' | xmllint --xpath "string(1.1)" - ; echo
1.1

Since they produce the same output, this would mean that
1.0999999999999999 and 1.1 correspond to the same double-precision
value. But this is not the case:

$ echo '<a/>' | xmllint --xpath "string(1.1 - 1.0999999999999999)" - ; echo
2.22044604925031e-16

This shows that 1.0999999999999999 and 1.1 are converted to different
floating-point numbers, which is correct. This can also be checked
with atof() in C:

1.0999999999999999 gives 0x1.1999999999999p+0
1.1                gives 0x1.199999999999ap+0

i.e. 2 different double-precision numbers.

Thus the bug is in the string() function.

I recall the XPath 1.0 spec:

  https://www.w3.org/TR/1999/REC-xpath-19991116/#section-String-Functions

"otherwise, the number is represented in decimal form as a Number
including a decimal point with at least one digit before the decimal
point and at least one digit after the decimal point, preceded by a
minus sign (-) if the number is negative; there must be no leading
zeros before the decimal point apart possibly from the one required
digit immediately before the decimal point; beyond the one required
digit after the decimal point there must be as many, but only as many,
more digits as are needed to uniquely distinguish the number from all
other IEEE 754 numeric values."

See the last requirement.

Note that the libxml2 version in Debian is very old. I have not
checked the latest upstream version.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libxml2 depends on:
ii  libc6     2.29-6
ii  libicu63  63.2-2
ii  liblzma5  5.2.4-1+b1
ii  zlib1g    1:1.2.11.dfsg-1+b1

libxml2 recommends no packages.

libxml2 suggests no packages.

-- no debconf information

More information about the debian-xml-sgml-pkgs mailing list