Description:
We are encountering a runtime crash when parsing certain XML text nodes that contain alphanumeric strings, where the library attempts to auto-parse them as floats.
This happens when the text value starts with digits and contains e followed by digits, which makes it resemble scientific notation, even though the value is not numeric.
Example real-world value (from eBay webhook XML):
00872437306050e5473d@members.ebay.com
This is a valid anonymized email address, but during XML → JSON conversion the library attempts to parse it as a float and crashes.
Actual Error
** (ArgumentError) errors were found at the given arguments:
* 1st argument: not a textual representation of a float
:erlang.binary_to_float("00872437306050.0e5473")
The library appears to attempt numeric coercion using Float.parse/1 on all text nodes.
In this case 00872437306050e5473d is interpreted as scientific notation: 00872437306050e5473
which causes Erlang to attempt :erlang.binary_to_float("00872437306050.0e5473")
Note:
A similar anonymized email does not crash:
008711ae951cdda45353@members.ebay.com
Because the presence of non-numeric letters earlier prevents float parsing.
This means the crash depends on specific random ID patterns, making it unpredictable in production.
Expected Behavior
- Alphanumeric text values (emails, IDs, SKUs, references) should remain strings
- Numeric parsing should only occur when the entire string is numeric
- XML → JSON conversion should never crash on valid XML text content
Suggested Fix
Only coerce to float when the entire string is numeric.
For example:
case Float.parse(value) do
{float, ""} -> float
_ -> value
endor using a strict regex:
if Regex.match?(~r/^[+-]?\d+(\.\d+)?$/, value) do
String.to_float(value)
else
value
end
This prevents accidental parsing of emails, IDs, SKUs, etc.
Thank you.
Description:
We are encountering a runtime crash when parsing certain XML text nodes that contain alphanumeric strings, where the library attempts to auto-parse them as floats.
This happens when the text value starts with digits and contains
efollowed by digits, which makes it resemble scientific notation, even though the value is not numeric.Example real-world value (from eBay webhook XML):
This is a valid anonymized email address, but during XML → JSON conversion the library attempts to parse it as a float and crashes.
Actual Error
The library appears to attempt numeric coercion using
Float.parse/1on all text nodes.In this case
00872437306050e5473dis interpreted as scientific notation:00872437306050e5473which causes Erlang to attempt
:erlang.binary_to_float("00872437306050.0e5473")Note:
A similar anonymized email does not crash:
Because the presence of non-numeric letters earlier prevents float parsing.
This means the crash depends on specific random ID patterns, making it unpredictable in production.
Expected Behavior
Suggested Fix
Only coerce to float when the entire string is numeric.
For example:
or using a strict regex:
This prevents accidental parsing of emails, IDs, SKUs, etc.
Thank you.