lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAAq0SU=MPghhj9FxB9M0M2Lk0H23ZgyBs6qnucXit7YE+tr0NA@mail.gmail.com>
Date: Tue, 25 Nov 2025 10:34:26 -0300
From: Wander Lairson Costa <wander@...hat.com>
To: Crystal Wood <crwood@...hat.com>
Cc: Steven Rostedt <rostedt@...dmis.org>, Tomas Glozar <tglozar@...hat.com>, 
	Ivan Pravdin <ipravdin.official@...il.com>, John Kacur <jkacur@...hat.com>, 
	Costa Shulyupin <costa.shul@...hat.com>, Tiezhu Yang <yangtiezhu@...ngson.cn>, 
	"open list:Real-time Linux Analysis (RTLA) tools" <linux-trace-kernel@...r.kernel.org>, 
	open list <linux-kernel@...r.kernel.org>, 
	"open list:BPF [MISC]:Keyword:(?:\\b|_)bpf(?:\\b|_)" <bpf@...r.kernel.org>
Subject: Re: [rtla 04/13] rtla: Replace atoi() with a robust strtoi()

On Mon, Nov 24, 2025 at 9:46 PM Crystal Wood <crwood@...hat.com> wrote:
>
> On Mon, 2025-11-17 at 15:41 -0300, Wander Lairson Costa wrote:
>
> >
> > diff --git a/tools/tracing/rtla/src/actions.c b/tools/tracing/rtla/src/actions.c
> > index efa17290926da..e23d4f1c5a592 100644
> > --- a/tools/tracing/rtla/src/actions.c
> > +++ b/tools/tracing/rtla/src/actions.c
> > @@ -199,12 +199,14 @@ actions_parse(struct actions *self, const char *trigger, const char *tracefn)
> >               /* Takes two arguments, num (signal) and pid */
> >               while (token != NULL) {
> >                       if (strlen(token) > 4 && strncmp(token, "num=", 4) == 0) {
> > -                             signal = atoi(token + 4);
> > +                             if(!strtoi(token + 4, &signal))
> > +                                     return -1;
>
> if (
>
> >                       } else if (strlen(token) > 4 && strncmp(token, "pid=", 4) == 0) {
> >                               if (strncmp(token + 4, "parent", 7) == 0)
> >                                       pid = -1;
> >                               else
> > -                                     pid = atoi(token + 4);
> > +                                     if (!strtoi(token + 4, &pid))
> > +                                             return -1;
>
> else if (
>
> Please run the patches through checkpatch.pl
>

Good catch, thanks.

> > @@ -959,3 +967,25 @@ int auto_house_keeping(cpu_set_t *monitored_cpus)
> >
> >       return 1;
> >  }
> > +
> > +/*
> > + * strtoi - convert string to integer with error checking
> > + *
> > + * Returns true on success, false if conversion fails or result is out of int range.
> > + */
> > +bool strtoi(const char *s, int *res)
>
> Could use __attribute__((__warn_unused_result__)) like kstrtoint().
>

Sure, I will do it in v2.

> BTW, it's pretty annoying that we need to reinvent the wheel on all this
> stuff just because it's userspace.  From some of the other tools it
> looks like we can at least include basic kernel headers like compiler.h;
> maybe we should have a tools/-wide common util area as well?  Even
> better if some of the code can be shared with the kernel itself.
>
> Not saying that should in any way be a blocker for these patches, just
> something to think about.
>

I thought the same thing some time ago.

>
> -Crystal
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ