| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <shsikp7hinoxzj7pzxopvmvgpaak4dioekh4tyvns4kv6xp46f@z5vgnisqskco>
Date: Mon, 26 Jan 2026 15:30:44 +0000
From: Rodrigo Alencar <455.rodrigo.alencar@...il.com>
To: Rodrigo Alencar <455.rodrigo.alencar@...il.com>,
Andy Shevchenko <andriy.shevchenko@...el.com>
Cc: rodrigo.alencar@...log.com, linux-kernel@...r.kernel.org,
linux-iio@...r.kernel.org, devicetree@...r.kernel.org, linux-doc@...r.kernel.org,
Jonathan Cameron <jic23@...nel.org>, David Lechner <dlechner@...libre.com>,
Andy Shevchenko <andy@...nel.org>, Lars-Peter Clausen <lars@...afoo.de>,
Michael Hennerich <Michael.Hennerich@...log.com>, Rob Herring <robh@...nel.org>,
Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>,
Jonathan Corbet <corbet@....net>
Subject: Re: [PATCH v5 2/8] iio: core: add fixed point parsing with 64-bit
parts
On 26/01/26 03:20PM, Rodrigo Alencar wrote:
> On 26/01/26 04:53PM, Andy Shevchenko wrote:
> > On Mon, Jan 26, 2026 at 02:26:20PM +0000, Rodrigo Alencar wrote:
> > > On 26/01/26 03:35PM, Andy Shevchenko wrote:
> > > > On Mon, Jan 26, 2026 at 12:42:53PM +0000, Rodrigo Alencar wrote:
> > > > > On 26/01/26 01:49PM, Andy Shevchenko wrote:
> > > > > > On Fri, Jan 23, 2026 at 03:53:07PM +0000, Rodrigo Alencar via B4 Relay wrote:
> >
> > ...
> >
> > > > > > > +static int __iio_str_to_fixpoint64(const char *str, u64 fract_mult,
> > > > > > > + s64 *integer, s64 *fract, bool scale_db)
> > > > > > > +{
> > > > > > > + u64 i = 0, f = 0;
> > > > > > > + char *end;
> > > > > > > + int digit_count, precision = ffs(fract_mult);
> > > > > > > + bool negative = false;
> > > > > > > +
> > > > > > > + if (str[0] == '-') {
> > > > > > > + negative = true;
> > > > > > > + str++;
> > > > > > > + } else if (str[0] == '+') {
> > > > > > > + str++;
> > > > > > > + }
> > > > > > > +
> > > > > > > + i = simple_strtoull(str, &end, 10);
> > > > > > > + digit_count = end - str;
> > > > > > > + if (digit_count > 20)
> > > > > > > + return -EINVAL;
> > > > > >
> > > > > > Not really. If we are talking about decimal (only) cases we need to also count
> > > > > > leading 0:s.
> > > > > >
> > > > > > 0000000000000000000000000000000025 is still 25, no overflow.
> > > > > >
> > > > > > That's why I recommend to have a helper, maybe for now locally here, like
> > > > > >
> > > > > > int safe_strtoull(..., unsigned long long *res)
> > > > > > {
> > > > > > ...
> > > > > > }
> > > > >
> > > > > Are you suggesting to not use simple_strtoull then?
> > > >
> > > > Nope, I suggest to do an additional step before checking for the range.
> > >
> > > You mean, conditionally skip leading 0's when parsing the integer part?
> > > e.g.
> > >
> > > /*function entry and arg check */
> > > while(*str == '\0')
> > > str++;
> > > /* then call simple_strtoull() */
> >
> > Not skipping, but counting them.
> >
> > > simple_strtoull() is not overflow-safe,
> >
> > Yes, I know. That's why all these additional checks are required,
> >
> > > as it does not use
> > > check_mul_overflow() or check_add_overflow(), only checking the
> > > amount of digits is not enough.
> >
> > Why? Can you elaborate how checking amount of digits is different to
> > check_mul_overflow()?
>
> consider U64_MAX = 18_446_744_073_709_551_615 as the limit:
> - 19_000_000_000_000_000_000 contains the same amount of digits but overflows.
> - 18_446_744_073_710_000_000 contains the same amount of digits but overflows.
>
> to catch those cases, we need to check for the overflow, everytime we read a
> character and accumulate:
>
> u64 acc;
>
> while(isdigit(*str))
> if (check_mul_overflow(acc, 10, &acc) ||
> check_add_overflow(acc, *str - '0', &acc))
> return -EOVERFLOW;
>
> *res = acc;
>
> acc can get weird results if not checked.
Thinking about it again, that check could be done only in the last step
(20th for u64)
Kind regards,
Rodrigo Alencar
Powered by blists - more mailing lists