lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 26 Jun 2019 13:00:45 +0200
From:   Geert Uytterhoeven <geert@...ux-m68k.org>
To:     Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc:     Miguel Ojeda Sandonis <miguel.ojeda.sandonis@...il.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Geert Uytterhoeven <geert+renesas@...der.be>,
        Mans Rullgard <mans@...sr.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Petr Mladek <pmladek@...e.com>
Subject: Re: [PATCH v2 1/2] kernel.h: Update comment about simple_strto<foo>() functions

Hi Andy,

On Wed, Jun 26, 2019 at 11:39 AM Andy Shevchenko
<andriy.shevchenko@...ux.intel.com> wrote:
> There were discussions in the past about use cases for
> simple_strto<foo>() functions and in some rare cases they have a benefit
> on kstrto<foo>() ones.

over

> Update a comment to reduce confusing about special use cases.

confusion

> Suggested-by: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
> Signed-off-by: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>

> --- a/include/linux/kernel.h
> +++ b/include/linux/kernel.h

> @@ -437,7 +435,15 @@ static inline int __must_check kstrtos32_from_user(const char __user *s, size_t
>         return kstrtoint_from_user(s, count, base, res);
>  }
>
> -/* Obsolete, do not use.  Use kstrto<foo> instead */
> +/*
> + * Use kstrto<foo> instead.
> + *
> + * NOTE: The simple_strto<foo> does not check for overflow and,
> + *      depending on the input, may give interesting results.
> + *
> + * Use these functions if and only if the code will need in place
> + * conversion and otherwise looks very ugly. Keep in mind above caveat.

What do you mean by "in place conversion"?
The input buffer is const, and not modified by the callee.
Do you mean that these functions do not require NUL termination (just
after the number), and the characters making up the number don't have to
be copied to a separate buffer to make them NUL-terminated?

> + */
>
>  extern unsigned long simple_strtoul(const char *,char **,unsigned int);
>  extern long simple_strtol(const char *,char **,unsigned int);

Yeah, they're still very useful.

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ