Auditing callers, we have no external callers of qemu_strtod, and among the callers of qemu_strtod_finite:
- qapi/qobject-input-visitor.c:qobject_input_type_number_keyval() and qapi/string-input-visitor.c:parse_type_number() which reject all errors (does not matter what we store) - utils/cutils.c:do_strtosz() incorrectly assumes that *endptr points to '.' on all failures (that is, it is not distinguishing between EINVAL and ERANGE; and therefore still does the WRONG THING for "9.9e999". The change here does not fix that (a later patch will tackle this more systematically), but at least the value of endptr is less likely to be out of bounds on overflow - our testsuite, which we can update to match what we document Thanks and Regards Deepanshu Garg https://www.abrasivegrit.in/product/silicon-carbide
