lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZuhMdXFhhVUXh8Il@black.fi.intel.com>
Date: Mon, 16 Sep 2024 18:19:17 +0300
From: Andy Shevchenko <andriy.shevchenko@...el.com>
To: Ulf Hansson <ulf.hansson@...aro.org>
Cc: Riyan Dhiman <riyandhiman14@...il.com>, linux-mmc@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mmc: core: convert simple_stroul to kstroul

On Tue, Sep 03, 2024 at 02:37:25PM +0200, Ulf Hansson wrote:
> On Sun, 1 Sept 2024 at 20:22, Riyan Dhiman <riyandhiman14@...il.com> wrote:
> >
> > simple_strtoul() is obsolete and lacks proper error handling, making it
> > unsafe for converting strings to unsigned long values. Replace it with
> > kstrtoul(), which provides robust error checking and better safety.
> >
> > This change improves the reliability of the string-to-integer conversion
> > and aligns with current kernel coding standards. Error handling is added
> > to catch conversion failures, returning -EINVAL when input is invalid.
> >
> > Issue reported by checkpatch:
> > - WARNING: simple_strtoul is obsolete, use kstrtoul instead

In rare cases this is a false positive, here seems to be okay.

...

> > +       if (kstrtoul(buf, 0, &set)) {
> >                 ret = -EINVAL;
> >                 goto out;
> >         }

Now you shadow the error code of kstrtox(), this has to be as simple as

       ret = kstrtoul(buf, 0, &set);
       if (ret)
               goto out;

-- 
With Best Regards,
Andy Shevchenko



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ