| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aY3XTDhPmUQB2V4P@smile.fi.intel.com>
Date: Thu, 12 Feb 2026 15:36:12 +0200
From: Andy Shevchenko <andriy.shevchenko@...el.com>
To: Dmitry Antipov <dmantipov@...dex.ru>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
David Laight <david.laight.linux@...il.com>,
Kees Cook <kees@...nel.org>, "Darrick J . Wong" <djwong@...nel.org>,
linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v7 2/5] lib: fix memparse() to handle overflow
On Thu, Feb 12, 2026 at 03:56:25PM +0300, Dmitry Antipov wrote:
> Since '_parse_integer_limit()' (and so 'simple_strtoull()') is now
> capable to handle overflow, adjust 'memparse()' to handle overflow
> (denoted by ULLONG_MAX) returned from 'simple_strtoull()'. Also
> use 'check_shl_overflow()' to catch an overflow possibly caused
> by processing size suffix and denote it with ULLONG_MAX as well.
Assuming this is a desired check and you undertake any required
action in case of user breakage, the code wise this version LGTM,
Reviewed-by: Andy Shevchenko <andriy.shevchenko@...el.com>
...
> + if (shl && likely(ptr != endptr)) {
IIUC the second check is not needed, but harmless as it's basically a shortcut
for a single allowed unit letter.
> + /* Have valid suffix with preceding number. */
> + unsigned long long val;
> +
> + if (unlikely(check_shl_overflow(ret, shl, &val)))
> + ret = ULLONG_MAX;
> + else
Id est if we came here with ret == 0, shl == 0, we would get val == 0.
> + ret = val;
> + endptr++;
> + }
--
With Best Regards,
Andy Shevchenko
Powered by blists - more mailing lists