| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <17f403303bfc4f6b90573858ae966cb7@AcuMS.aculab.com>
Date: Mon, 8 Jul 2019 13:42:30 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Andy Shevchenko' <andriy.shevchenko@...ux.intel.com>,
Petr Mladek <pmladek@...e.com>
CC: Geert Uytterhoeven <geert+renesas@...der.be>,
Miguel Ojeda Sandonis <miguel.ojeda.sandonis@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Mans Rullgard <mans@...sr.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v3 2/2] auxdisplay: charlcd: Deduplicate simple_strtoul()
> > simple_strtoul() tries to detect the base even when it has been
> > explicitely specified.
>
> I can't see it from the code. Can you point out to this drastic bug that has to
> be fixed?
>
> > I am afraid that it might cause some
> > regressions.
> >
> > For example, the following input is strange but it is valid:
> >
> > x0x10; new code would return (16, <orig_y>) instead of (10, <orig_y>)
> > x010; new code would return (8, <orig_y>) instead of (10, <orig_y>)
While having simple_stroul("0x10", 10) use base 16 is possibly not unreasonable,
using base 8 for simple_strtoul("010", 10) is just plain wrong.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists