| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Oct 2022 15:10:53 +0000
From: Sean Christopherson <seanjc@...gle.com>
To: "Wang, Wei W" <wei.w.wang@...el.com>
Cc: Vipin Sharma <vipinsh@...gle.com>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
"dmatlack@...gle.com" <dmatlack@...gle.com>,
"andrew.jones@...ux.dev" <andrew.jones@...ux.dev>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v6 3/5] KVM: selftests: Add atoi_paranoid() to catch
errors missed by atoi()
On Wed, Oct 26, 2022, Wang, Wei W wrote:
> On Saturday, October 22, 2022 5:18 AM, Vipin Sharma wrote:
> > +int atoi_paranoid(const char *num_str)
> > +{
> > + char *end_ptr;
> > + long num;
> > +
> > + errno = 0;
> > + num = strtol(num_str, &end_ptr, 10);
>
> Why not use strtoull here?
This intended to be a drop in replacement for atoi(), which allows negative
numbers.
> Negative numbers will result in a huge "unsigned long long" number,
> and this will be captured by your TEST_ASSERT(num >= INT_MIN) below.
As above, we want to allow negative numbers, e.g. memslot_perf_test.c uses '-1'
to indicate "as many slots as possible".
It's unlikely a test will As unlikely as
> Then we don't need patch 4, I think.
Even if this low level helper disallowed negative numbers, patch 4 still has value
in that the wrappers make the code self-documenting, i.e. makes it very obvious
what input values are allowed.
Powered by blists - more mailing lists