| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ty6hptfh65k2rkqo6c6mg5z6vismuvyqsu3emvqarr2rbhpvcz@kn6tzjk5xi2o>
Date: Mon, 26 Jan 2026 14:26:20 +0000
From: Rodrigo Alencar <455.rodrigo.alencar@...il.com>
To: Andy Shevchenko <andriy.shevchenko@...el.com>,
Rodrigo Alencar <455.rodrigo.alencar@...il.com>
Cc: rodrigo.alencar@...log.com, linux-kernel@...r.kernel.org,
linux-iio@...r.kernel.org, devicetree@...r.kernel.org, linux-doc@...r.kernel.org,
Jonathan Cameron <jic23@...nel.org>, David Lechner <dlechner@...libre.com>,
Andy Shevchenko <andy@...nel.org>, Lars-Peter Clausen <lars@...afoo.de>,
Michael Hennerich <Michael.Hennerich@...log.com>, Rob Herring <robh@...nel.org>,
Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>,
Jonathan Corbet <corbet@....net>
Subject: Re: [PATCH v5 2/8] iio: core: add fixed point parsing with 64-bit
parts
On 26/01/26 03:35PM, Andy Shevchenko wrote:
> On Mon, Jan 26, 2026 at 12:42:53PM +0000, Rodrigo Alencar wrote:
> > On 26/01/26 01:49PM, Andy Shevchenko wrote:
> > > On Fri, Jan 23, 2026 at 03:53:07PM +0000, Rodrigo Alencar via B4 Relay wrote:
>
> ...
>
> > > > +static int __iio_str_to_fixpoint64(const char *str, u64 fract_mult,
> > > > + s64 *integer, s64 *fract, bool scale_db)
> > > > +{
> > > > + u64 i = 0, f = 0;
> > > > + char *end;
> > > > + int digit_count, precision = ffs(fract_mult);
> > > > + bool negative = false;
> > > > +
> > > > + if (str[0] == '-') {
> > > > + negative = true;
> > > > + str++;
> > > > + } else if (str[0] == '+') {
> > > > + str++;
> > > > + }
> > > > +
> > > > + i = simple_strtoull(str, &end, 10);
> > > > + digit_count = end - str;
> > > > + if (digit_count > 20)
> > > > + return -EINVAL;
> > >
> > > Not really. If we are talking about decimal (only) cases we need to also count
> > > leading 0:s.
> > >
> > > 0000000000000000000000000000000025 is still 25, no overflow.
> > >
> > > That's why I recommend to have a helper, maybe for now locally here, like
> > >
> > > int safe_strtoull(..., unsigned long long *res)
> > > {
> > > ...
> > > }
> >
> > Are you suggesting to not use simple_strtoull then?
>
> Nope, I suggest to do an additional step before checking for the range.
You mean, conditionally skip leading 0's when parsing the integer part?
e.g.
/*function entry and arg check */
while(*str == '\0')
str++;
/* then call simple_strtoull() */
simple_strtoull() is not overflow-safe, as it does not use
check_mul_overflow() or check_add_overflow(), only checking the
amount of digits is not enough. Previous implementation of fixpoint
parsing didn't care about that.
>
> > Understood, leading zeros can be ignored only when parsing the integer
> > part. Also, would be nice to have truncation of the fractional part
> > while doing the parsing. How about:
> >
> > static int iio_safe_strtoull(const char *str, const char **end,
> > size_t max_chars, u64 *res)
>
> > - max_chars = 0: ignores leading 0's and process all digits
> > - max_chars > 0: process only initial max_chars digits and ignores the rest
>
> I'm not sure why we would need that. It should parse the whole line until the
> first invalid character or overflow.
"process all digits" and "ignores the rest" would be for digits only, so it
would stop until the first invalid character is found. I suppose proper
overflow check is implemented with check_mul_overflow() and check_add_overflow(),
while iterating over the characters and accumulating the value.
Kind regards,
Rodrigo Alencar
Powered by blists - more mailing lists