lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 18 Jan 2013 13:53:38 +0000
From:	Ben Hutchings <bhutchings@...arflare.com>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
CC:	Stephen Hemminger <shemminger@...tta.com>,
	<netdev@...r.kernel.org>, "Serge E. Hallyn" <serge@...lyn.com>
Subject: Re: [PATCH for 3.8] iproute2: Add "ip netns pids" and "ip netns
 identify"

On Thu, 2013-01-17 at 17:27 -0800, Eric W. Biederman wrote:
> Ben Hutchings <bhutchings@...arflare.com> writes:
> 
> > On Thu, 2013-01-17 at 16:23 -0800, Eric W. Biederman wrote:
> >> Ben Hutchings <bhutchings@...arflare.com> writes:
> >> 
> >> > On Mon, 2012-11-26 at 17:16 -0600, Eric W. Biederman wrote:
> > [...]
> >> >> --- a/ip/ipnetns.c
> >> >> +++ b/ip/ipnetns.c
> > [...]
> >> >> +static int is_pid(const char *str)
> >> >> +{
> >> >> +	int ch;
> >> >> +	for (; (ch = *str); str++) {
> >> >> +		if (!isdigit(ch))
> >> >
> >> > ch must be cast to unsigned char before passing to isdigit().
> >> 
> >> isdigit is defined to take an int.  A legacy of the implicit casts in
> >> the K&R C days.  Casting to unsigned char would be pointless and silly.
> > [...]
> >
> > It's not pointless.  This is explained in the very first line of the
> > description in the manual page...
> 
> If it's not pointless it is an implementation bug.

You can either get in your time machine and go back to 1978 and fix it,
or add the cast like every C programmer who knows what the C standards
say about these functions.

> The conversion to of
> char to int happens implicitly whenever you pass a char.  It is
> absolutely broken to have a function that takes a char converted to int
> and reject the automatic conversion of char to int.

It doesn't take a char... weird but that is how it is defined.

> I suspect much more strongly that it is a case of poor documentation.
>
> If isdigit can't deal with what I have passed it I will be much more
> interested in writing a patch for isdigit.
> 
> That said I just dobule checked with the code below.  Negative character
> values work correctly and don't cause any runtime errors.
[...]

Testing on one implementation doesn't prove anything.  'char' can be
signed or unsigned depending on the architecture, and some C libraries
work around buggy applications that .  That's no reason to write another
buggy application.

Ben.

-- 
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ