From: Heinrich Schuchardt <xypron.glpk@gmx.de>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Michal Nazarewicz <mina86@mina86.com>,
Ingo Molnar <mingo@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Peter Zijlstra <peterz@infradead.org>,
Joe Perches <joe@perches.com>, Josh Hunt <johunt@akamai.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Rusty Russell <rusty@rustcorp.com.au>,
Daniel Walter <dwalter@google.com>,
David Rientjes <rientjes@google.com>,
Kees Cook <keescook@chromium.org>,
"David S. Miller" <davem@davemloft.net>,
Johannes Weiner <hannes@cmpxchg.org>,
Aaron Tomlin <atomlin@redhat.com>,
Prarit Bhargava <prarit@redhat.com>,
Eric B Munson <emunson@akamai.com>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Sam Ravnborg <sam@ravnborg.org>,
linux-kernel@vger.kernel.org,
Heinrich Schuchardt <xypron.glpk@gmx.de>
Subject: [PATCH 1/3] lib/kstrtox.c: functions returning end of string
Date: Sun, 29 Mar 2015 21:28:27 +0200 [thread overview]
Message-ID: <1427657309-4344-2-git-send-email-xypron.glpk@gmx.de> (raw)
In-Reply-To: <1427657309-4344-1-git-send-email-xypron.glpk@gmx.de>
Functions simple_strtoul and simple_strtoull have been deprecated
as they cannot return overflows.
See https://lkml.org/lkml/2011/2/26/52
Unfortunately functions simple_strtoul and simple_strtoull cannot
be replaced by kstrtoul and kstrtoull in some places, because they
expect a zero terminated string instead of returning a pointer to
the character after the last digit.
This patch introduces two new functions kstrtoul_e and kstrtoull_e
which fill this gap.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
include/linux/kernel.h | 4 +++
lib/kstrtox.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 72 insertions(+), 3 deletions(-)
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index d6d630d..580212e 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -255,6 +255,10 @@ void complete_and_exit(struct completion *, long)
int __must_check _kstrtoul(const char *s, unsigned int base, unsigned long *res);
int __must_check _kstrtol(const char *s, unsigned int base, long *res);
+int __must_check kstrtoull_e(const char *s, char **ends, unsigned int base,
+ unsigned long long *res);
+int __must_check kstrtoul_e(const char *s, char **ends, unsigned int base,
+ unsigned long *res);
int __must_check kstrtoull(const char *s, unsigned int base, unsigned long long *res);
int __must_check kstrtoll(const char *s, unsigned int base, long long *res);
diff --git a/lib/kstrtox.c b/lib/kstrtox.c
index ec8da78..e2b8618 100644
--- a/lib/kstrtox.c
+++ b/lib/kstrtox.c
@@ -83,7 +83,8 @@ unsigned int _parse_integer(const char *s, unsigned int base, unsigned long long
return rv;
}
-static int _kstrtoull(const char *s, unsigned int base, unsigned long long *res)
+static int _kstrtoull_e(const char *s, char **ends, unsigned int base,
+ unsigned long long *res)
{
unsigned long long _res;
unsigned int rv;
@@ -95,15 +96,79 @@ static int _kstrtoull(const char *s, unsigned int base, unsigned long long *res)
if (rv == 0)
return -EINVAL;
s += rv;
+
+ if (ends) {
+ *ends = (char *) s;
+ goto out_ok;
+ }
+
if (*s == '\n')
s++;
if (*s)
return -EINVAL;
+
+out_ok:
*res = _res;
return 0;
}
/**
+ * kstrtoull_e - convert a string to an unsigned long long
+ * @s: The start of the string.
+ * @ends: Returns a pointer to the character after the last digit.
+ * @base: The number base to use. The maximum supported base is 16. If base is
+ * given as 0, then the base of the string is automatically detected with the
+ * conventional semantics - If it begins with 0x the number will be parsed as a
+ * hexadecimal (case insensitive), if it otherwise begins with 0, it will be
+ * parsed as an octal number. Otherwise it will be parsed as a decimal.
+ * @res: Where to write the result of the conversion on success.
+ *
+ * Returns 0 on success, -ERANGE on overflow and -EINVAL on parsing error.
+ * Used as a replacement for the obsolete simple_strtoull. Return code must
+ * be checked.
+ */
+int kstrtoull_e(const char *s, char **ends, unsigned int base,
+ unsigned long long *res)
+{
+ if (!ends)
+ return -EINVAL;
+
+ return _kstrtoull_e(s, ends, base, res);
+}
+EXPORT_SYMBOL(kstrtoull_e);
+
+/**
+ * kstrtoul_e - convert a string to an unsigned long
+ * @s: The start of the string.
+ * @ends: Returns a pointer to the character after the last digit.
+ * @base: The number base to use. The maximum supported base is 16. If base is
+ * given as 0, then the base of the string is automatically detected with the
+ * conventional semantics - If it begins with 0x the number will be parsed as a
+ * hexadecimal (case insensitive), if it otherwise begins with 0, it will be
+ * parsed as an octal number. Otherwise it will be parsed as a decimal.
+ * @res: Where to write the result of the conversion on success.
+ *
+ * Returns 0 on success, -ERANGE on overflow and -EINVAL on parsing error.
+ * Used as a replacement for the obsolete simple_strtoul. Return code must
+ * be checked.
+ */
+int kstrtoul_e(const char *s, char **ends, unsigned int base,
+ unsigned long *res)
+{
+ unsigned long long value;
+ int rv;
+
+ rv = kstrtoull_e(s, ends, base, &value);
+ if (rv < 0)
+ return rv;
+ if (value != (unsigned long long) (unsigned long) value)
+ return -ERANGE;
+ *res = value;
+ return 0;
+}
+EXPORT_SYMBOL(kstrtoul_e);
+
+/**
* kstrtoull - convert a string to an unsigned long long
* @s: The start of the string. The string must be null-terminated, and may also
* include a single newline before its terminating null. The first character
@@ -123,7 +188,7 @@ int kstrtoull(const char *s, unsigned int base, unsigned long long *res)
{
if (s[0] == '+')
s++;
- return _kstrtoull(s, base, res);
+ return _kstrtoull_e(s, NULL, base, res);
}
EXPORT_SYMBOL(kstrtoull);
@@ -149,7 +214,7 @@ int kstrtoll(const char *s, unsigned int base, long long *res)
int rv;
if (s[0] == '-') {
- rv = _kstrtoull(s + 1, base, &tmp);
+ rv = _kstrtoull_e(s + 1, NULL, base, &tmp);
if (rv < 0)
return rv;
if ((long long)(-tmp) >= 0)
--
2.1.4
next prev parent reply other threads:[~2015-03-29 19:29 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-29 19:28 [PATCH 0/3] sysctl: detect overflows when setting integers Heinrich Schuchardt
2015-03-29 19:28 ` Heinrich Schuchardt [this message]
2015-03-29 19:28 ` [PATCH 2/3] sysctl: detect overflows in proc_get_long Heinrich Schuchardt
2015-03-29 19:28 ` [PATCH 3/3] sysctl: detect overflows when converting to int Heinrich Schuchardt
2015-03-31 17:12 ` Fwd: " Heinrich Schuchardt
2015-03-31 22:45 ` Andrew Morton
2015-04-01 17:31 ` Heinrich Schuchardt
2015-06-08 22:41 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1427657309-4344-2-git-send-email-xypron.glpk@gmx.de \
--to=xypron.glpk@gmx.de \
--cc=akpm@linux-foundation.org \
--cc=atomlin@redhat.com \
--cc=davem@davemloft.net \
--cc=dwalter@google.com \
--cc=emunson@akamai.com \
--cc=hannes@cmpxchg.org \
--cc=joe@perches.com \
--cc=johunt@akamai.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=mina86@mina86.com \
--cc=mingo@kernel.org \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=prarit@redhat.com \
--cc=rientjes@google.com \
--cc=rostedt@goodmis.org \
--cc=rusty@rustcorp.com.au \
--cc=sam@ravnborg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).