ERANGE
Linux / POSIX | ERROR | Common | Math | HIGH confidence

Math Result Not Representable

Production Risk

Integer overflow from unvalidated string parsing is a frequent source of security vulnerabilities.

What this means

ERANGE (errno 34) is set when a math function produces a result that overflows or underflows the representable range of the return type. It is also set by strtol() and strtod() when parsed values are out of range.

Why it happens

  1. exp() or pow() producing a value larger than DBL_MAX (overflow → HUGE_VAL)
  2. A very small result underflowing to 0
  3. strtol() parsing a string like "99999999999999999999" that exceeds LONG_MAX

How to reproduce

Parsing an out-of-range integer with strtol.

trigger — this will error
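#include <stdlib.h>
#include <errno.h>

int main(void) {
    errno = 0;  // clear first: strtol leaves errno unchanged on success
    long val = strtol("99999999999999999999", NULL, 10);
    // val = LONG_MAX, errno = ERANGE
    (void)val;  // silence the unused-variable warning
    return 0;
}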

expected output

strtol returns LONG_MAX, errno = ERANGE

Fix

Check errno after strtol/strtod and validate ranges

When: parsing numeric strings from external input

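#include <stdlib.h>
#include <errno.h>
#include <limits.h>

// Returns 0 and stores the value in *out, or -1 if it does not fit in an int.
int parse_int(const char *input, int *out) {
    char *end;
    errno = 0;  // clear stale errno before the call
    long val = strtol(input, &end, 10);
    if (errno == ERANGE || val > INT_MAX || val < INT_MIN) {
        return -1;  // handle out-of-range
    }
    *out = (int)val;
    return 0;
}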

Why this works

errno is set to ERANGE on overflow. Always check errno after strtol/strtod, and also verify that end != input (non-empty parse) and *end == '\0' (full parse).
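
The checks listed above (errno, end != input, *end == '\0' and the int range) combined into one function, as an added example that is not part of the original page. The names parse_int_strict and parse_status and the sample inputs are constructed for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical status codes, one per rejection reason. */
typedef enum { PARSE_OK, PARSE_EMPTY, PARSE_TRAILING, PARSE_RANGE } parse_status;

/* Parse s as a base-10 int. *out is written only when PARSE_OK is returned. */
parse_status parse_int_strict(const char *s, int *out)
{
    char *end;
    long val;

    errno = 0;                      /* strtol never clears errno itself */
    val = strtol(s, &end, 10);
    if (end == s)
        return PARSE_EMPTY;         /* no digits consumed: "", "abc", "  " */
    if (errno == ERANGE)
        return PARSE_RANGE;         /* clamped to LONG_MAX or LONG_MIN */
    if (*end != '\0')
        return PARSE_TRAILING;      /* "12abc", "7 " */
    if (val > INT_MAX || val < INT_MIN)
        return PARSE_RANGE;         /* fits in long but not in int */
    *out = (int)val;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "42", "-17", "99999999999999999999",
                              "2147483648", "12abc", "", "abc" };
    static const char *names[] = { "OK", "EMPTY", "TRAILING", "RANGE" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int v = 0;
        parse_status st = parse_int_strict(samples[i], &v);
        printf("%-22s -> %s", samples[i], names[st]);
        if (st == PARSE_OK)
            printf(" (%d)", v);
        putchar('\n');
    }
    return 0;
}
```

strtol() skips leading whitespace and accepts a leading sign, so " 42" and "+42" return PARSE_OK here; reject them before the call if the input format forbids them.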

What not to do

Use atoi() for input parsing

atoi() has undefined behaviour on overflow — it does not set errno. Use strtol() with errno checking instead.

Sources
Official documentation

Linux Programmer Manual strtol(3)

math_error(7)

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev