StringToNumber: Fix integer overflow on parsing INT_MIN.

StringToNumber: Fix integer overflow on parsing INT_MIN.

This patch adjusts the algorithm of toIntegralType(), which parses an integer
value out of a string. Previously, toIntegralType() used a positive number
as an accumulator regardless of whether we had seen the negative sign or not,
and it inverted the accumulator value if there had been a negative sign. This
causes an integer overflow when INT_MIN is specified as the source string,
because the absolute value of INT_MIN is one larger than that of INT_MAX.

This patch fixes this issue by accumulating a negative value if the result
will be negative. Also, the detection algorithm of overflows is updated so
that it can detect overflows correctly in every possible case (it used to have
a small bug that the function fails to parse INT_MIN in base 16).

Additionally, unit tests are added.

BUG=665110
Committed: https://crrev.com/957b5b3085eeae5a6fd6779d62feb90cc2515ad2
Cr-Commit-Position: refs/heads/master@{#437508}

[Yuta Kitamura, 2016-12-08 13:01:52]

The CQ bit was checked by yutak@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-08 13:02:02]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-08 13:41:13]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-08 13:41:14]

Dry run: Try jobs failed on following builders:
  win_chromium_x64_rel_ng on master.tryserver.chromium.win (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_x64_...)

[Yuta Kitamura, 2016-12-09 05:46:49]

The CQ bit was checked by yutak@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-09 05:47:12]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[Yuta Kitamura, 2016-12-09 05:52:30]

yutak@chromium.org changed reviewers:
+ esprehn@chromium.org, haraken@chromium.org, tzik@chromium.org

[Yuta Kitamura, 2016-12-09 05:52:31]

PTAL?

[esprehn, 2016-12-09 06:33:46]

lgtm

[tzik, 2016-12-09 06:54:31]

lgtm

[haraken, 2016-12-09 07:28:41]

LGTM

[commit-bot: I haz the power, 2016-12-09 08:55:07]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-09 08:55:08]

Dry run: This issue passed the CQ dry run.

[Yuta Kitamura, 2016-12-09 09:49:28]

The CQ bit was checked by yutak@chromium.org

[commit-bot: I haz the power, 2016-12-09 09:49:39]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-09 09:53:20]

CQ is committing da patch.

Bot data: {"patchset_id": 20001, "attempt_start_ts": 1481276968525860,
"parent_rev": "681256d3db8ed872672ddac440fe874e4390fef5", "commit_rev":
"a335cd1a010fb8e15829b9d43e221a8fd4e81459"}

[commit-bot: I haz the power, 2016-12-09 09:53:50]

Committed patchset #2 (id:20001)

[commit-bot: I haz the power, 2016-12-09 09:56:14]

Description was changed from

==========
StringToNumber: Fix integer overflow on parsing INT_MIN.

This patch adjusts the algorithm of toIntegralType(), which parses an integer
value out of a string. Previously, toIntegralType() used a positive number
as an accumulator regardless of whether we had seen the negative sign or not,
and it inverted the accumulator value if there had been a negative sign. This
causes an integer overflow when INT_MIN is specified as the source string,
because the absolute value of INT_MIN is one larger than that of INT_MAX.

This patch fixes this issue by accumulating a negative value if the result
will be negative. Also, the detection algorithm of overflows is updated so
that it can detect overflows correctly in every possible case (it used to have
a small bug that the function fails to parse INT_MIN in base 16).

Additionally, unit tests are added.

BUG=665110
==========

to

==========
StringToNumber: Fix integer overflow on parsing INT_MIN.

This patch adjusts the algorithm of toIntegralType(), which parses an integer
value out of a string. Previously, toIntegralType() used a positive number
as an accumulator regardless of whether we had seen the negative sign or not,
and it inverted the accumulator value if there had been a negative sign. This
causes an integer overflow when INT_MIN is specified as the source string,
because the absolute value of INT_MIN is one larger than that of INT_MAX.

This patch fixes this issue by accumulating a negative value if the result
will be negative. Also, the detection algorithm of overflows is updated so
that it can detect overflows correctly in every possible case (it used to have
a small bug that the function fails to parse INT_MIN in base 16).

Additionally, unit tests are added.

BUG=665110

Committed: https://crrev.com/957b5b3085eeae5a6fd6779d62feb90cc2515ad2
Cr-Commit-Position: refs/heads/master@{#437508}
==========

[commit-bot: I haz the power, 2016-12-09 09:56:15]

Patchset 2 (id:??) landed as
https://crrev.com/957b5b3085eeae5a6fd6779d62feb90cc2515ad2
Cr-Commit-Position: refs/heads/master@{#437508}