linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Christian Brauner <christian@brauner.io>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: keescook@chromium.org, linux-kernel@vger.kernel.org,
	ebiederm@xmission.com, mcgrof@kernel.org,
	akpm@linux-foundation.org, joe.lawrence@redhat.com,
	longman@redhat.com
Subject: Re: [PATCH 1/2] sysctl: add overflow detection to proc_get_long()
Date: Sun, 14 Oct 2018 20:53:46 +0200	[thread overview]
Message-ID: <20181014185345.o6uokigiytqugg6v@brauner.io> (raw)
In-Reply-To: <20181014171855.GW32577@ZenIV.linux.org.uk>

On Sun, Oct 14, 2018 at 06:18:55PM +0100, Al Viro wrote:
> On Sun, Oct 14, 2018 at 03:25:09PM +0200, Christian Brauner wrote:
> 
> > +static unsigned long sysctl_strtoul_lenient(const char *cp, char **endp,
> > +					    unsigned int base, bool *overflow)
> > +{
> > +	unsigned long long result;
> > +	unsigned int rv;
> > +
> > +	cp = _parse_integer_fixup_radix(cp, &base);
> > +	rv = _parse_integer(cp, base, &result);
> > +	if ((rv & KSTRTOX_OVERFLOW) ||
> > +	    (result != (unsigned long long)(unsigned long)result))
> > +		*overflow = true;
> > +	else
> > +		*overflow = false;
> 
> Yecchh...  First of all, the cast back to unsigned long long is completely
> pointless.  What's more,

Sorry, seriously asking: why? This was meant to handle the case where
sizeof(unsigned long long) != sizeof(unsigned long) and I just looked at
_kstrtoul() which does the same:

int _kstrtoul(const char *s, unsigned int base, unsigned long *res)
{
	unsigned long long tmp;
	int rv;

	rv = kstrtoull(s, base, &tmp);
	if (rv < 0)
		return rv;
	if (tmp != (unsigned long long)(unsigned long)tmp)
		return -ERANGE;
	*res = tmp;
	return 0;
}

Sorry, if I'm being dense here.

> 	if (expr)
> 		foo = true;
> 	else
> 		foo = flase;
> is a fairly unidiomatic way to spell foo = expr;
> 
> And... is there anything that would really care if this "overflow" thing had
> been replaced by simply returning ~0UL on such?  That would appear to be
> a lot more natural API...

Yes, I thought about this but I really didn't want to risk breaking
anything that relies on the weird old behavior. We can change it to that
and assume that anything that doesn't explicitly set a maximum value
wants to be capped at ULONG_MAX. Fine with me.

  reply	other threads:[~2018-10-14 18:53 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-14 13:25 [PATCH 0/2] sysctl: cap file-max value at ULONG_MAX Christian Brauner
2018-10-14 13:25 ` [PATCH 1/2] sysctl: add overflow detection to proc_get_long() Christian Brauner
2018-10-14 17:18   ` Al Viro
2018-10-14 18:53     ` Christian Brauner [this message]
2018-10-15  0:03       ` Al Viro
2018-10-15  4:47         ` Christian Brauner
2018-10-14 13:25 ` [PATCH 2/2] sysctl: handle overflow for file-max Christian Brauner
2018-10-14 22:13 [PATCH 1/2] sysctl: add overflow detection to proc_get_long() Alexey Dobriyan
2018-10-14 22:43 ` Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181014185345.o6uokigiytqugg6v@brauner.io \
    --to=christian@brauner.io \
    --cc=akpm@linux-foundation.org \
    --cc=ebiederm@xmission.com \
    --cc=joe.lawrence@redhat.com \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=longman@redhat.com \
    --cc=mcgrof@kernel.org \
    --cc=viro@ZenIV.linux.org.uk \
    --subject='Re: [PATCH 1/2] sysctl: add overflow detection to proc_get_long()' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).