lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190708133534.GO9224@smile.fi.intel.com>
Date:   Mon, 8 Jul 2019 16:35:34 +0300
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Petr Mladek <pmladek@...e.com>
Cc:     Geert Uytterhoeven <geert+renesas@...der.be>,
        Miguel Ojeda Sandonis <miguel.ojeda.sandonis@...il.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Mans Rullgard <mans@...sr.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 2/2] auxdisplay: charlcd: Deduplicate simple_strtoul()

On Mon, Jul 08, 2019 at 03:16:52PM +0200, Petr Mladek wrote:
> On Thu 2019-07-04 14:55:32, Andy Shevchenko wrote:
> > Like in the commit
> >   8b2303de399f ("serial: core: Fix handling of options after MMIO address")
> > we may use simple_strtoul() which in comparison to kstrtoul() can do conversion
> > in-place without additional and unnecessary code to be written.
> > 
> > Signed-off-by: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
> > ---
> > - no change since v2
> >  drivers/auxdisplay/charlcd.c | 34 +++++++---------------------------
> >  1 file changed, 7 insertions(+), 27 deletions(-)
> > 
> > diff --git a/drivers/auxdisplay/charlcd.c b/drivers/auxdisplay/charlcd.c
> > index 92745efefb54..3858dc7a4154 100644
> > --- a/drivers/auxdisplay/charlcd.c
> > +++ b/drivers/auxdisplay/charlcd.c
> > @@ -287,31 +287,6 @@ static int charlcd_init_display(struct charlcd *lcd)
> >  	return 0;
> >  }
> >  
> > -/*
> > - * Parses an unsigned integer from a string, until a non-digit character
> > - * is found. The empty string is not accepted. No overflow checks are done.
> > - *
> > - * Returns whether the parsing was successful. Only in that case
> > - * the output parameters are written to.
> > - *
> > - * TODO: If the kernel adds an inplace version of kstrtoul(), this function
> > - * could be easily replaced by that.
> > - */
> > -static bool parse_n(const char *s, unsigned long *res, const char **next_s)
> > -{
> > -	if (!isdigit(*s))
> > -		return false;
> > -
> > -	*res = 0;
> > -	while (isdigit(*s)) {
> > -		*res = *res * 10 + (*s - '0');
> > -		++s;
> > -	}
> > -
> > -	*next_s = s;
> > -	return true;
> > -}
> > -
> >  /*
> >   * Parses a movement command of the form "(.*);", where the group can be
> >   * any number of subcommands of the form "(x|y)[0-9]+".
> > @@ -336,6 +311,7 @@ static bool parse_xy(const char *s, unsigned long *x, unsigned long *y)
> >  {
> >  	unsigned long new_x = *x;
> >  	unsigned long new_y = *y;
> > +	char *p;
> >  
> >  	for (;;) {
> >  		if (!*s)
> > @@ -345,11 +321,15 @@ static bool parse_xy(const char *s, unsigned long *x, unsigned long *y)
> >  			break;
> >  
> >  		if (*s == 'x') {
> > -			if (!parse_n(s + 1, &new_x, &s))
> > +			new_x = simple_strtoul(s + 1, &p, 10);
> 
> simple_strtoul() tries to detect the base even when it has been
> explicitely specified. 

I can't see it from the code. Can you point out to this drastic bug that has to
be fixed?

> I am afraid that it might cause some
> regressions.
> 
> For example, the following input is strange but it is valid:
> 
>     x0x10;  new code would return (16, <orig_y>) instead of (10, <orig_y>)
>     x010;   new code would return (8, <orig_y>) instead of (10, <orig_y>)
> 
> Best Regards,
> Petr

-- 
With Best Regards,
Andy Shevchenko


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ