[PATCH 3/3] lib: add range check to avoid overflow simple_strtoul/ull

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Harvey Harrison <harvey.harrison@...>

To: Andrew Morton <akpm@...>

Cc: LKML <linux-kernel@...>, Alexey Dobriyan <adobriyan@...>

Subject: [PATCH 3/3] lib: add range check to avoid overflow simple_strtoul/ull

Date: Tuesday, May 13, 2008 - 7:57 pm

Add a simple range check to avoid overflowing an UL, ULL
respectively.  The strict versions will catch this case now
as the strlen call will be longer than the number of characters
read. Previously, the simple function would read as long as there
were valied hexadecimal characters remaining.

The simple_strtol/ll still can overflow producing sign errors, but
maybe those users should be using the strict versions then?

Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
---
As Alexey noted, the strict versions are a bit of a joke if they
can overflow in the simple cases, here's one way of closing the
gap for the strict functions and simple_strtoul/simple_strtoull

simple_strtol/simple_strtoll still has a (narrower) chance at overflow
and is not totally safe...use the strict versions then.

 lib/vsprintf.c |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index 3547fb5..89f2620 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -57,6 +57,7 @@ static u8 chartou8(char ch)
 unsigned long simple_strtoul(const char *cp, char **endp, unsigned int base)
 {
 	unsigned long result = 0;
+	unsigned long maxval;
 	u8 value;
 
 	if (!base)
@@ -65,9 +66,12 @@ unsigned long simple_strtoul(const char *cp, char **endp, unsigned int base)
 	if (base == 16 && cp[0] == '0' && TOLOWER(cp[1]) == 'x')
 			cp += 2;
 
+	maxval = ULONG_MAX / base;
 	while (isxdigit(*cp) && (value = chartou8(*cp) < base)) {
 		result = result * base + value;
 		cp++;
+		if (result > maxval)
+			break;
 	}
 
 	if (endp)
@@ -99,6 +103,7 @@ EXPORT_SYMBOL(simple_strtol);
 unsigned long long simple_strtoull(const char *cp, char **endp, unsigned int base)
 {
 	unsigned long long result = 0;
+	unsigned long long maxval;
 	u8 value;
 
 	if (!base)
@@ -107,9 +112,12 @@ unsigned long long simple_strtoull(const char *cp, char **endp, unsigned int bas
 	if (base == 16 && cp[0] == '0' && TOLOWER(cp[1]) == 'x')
 		cp += 2;
 
+	maxval = ULLONG_MAX / base;
 	while (isxdigit(*cp) && (value = chartou8(*cp) < base)) {
 		result = result * base + value;
 		cp++;
+		if (result > maxval)
+			break;
 	}
 
 	if (endp)
-- 
1.5.5.1.482.g0f174

--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH 3/3] lib: add range check to avoid overflow simple_st..., Harvey Harrison, (Tue May 13, 7:57 pm)


linux-kernel:
Greg Kroah-Hartman	[PATCH 005/196] Chinese: add translation of SubmittingDrivers
Nick Piggin	[patch] my mmu notifier sample driver
Sean	Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation, pathname matching
Arjan van de Ven	[Patch v2] Make PCI extended config space (MMCONFIG) a driver opt-in
git:

linux-netdev:
Antonio Almeida	HTB accuracy for high speed
Gerrit Renker	[PATCH 0/37] dccp: Feature negotiation - last call for comments
Jens Axboe	Re: [BUG] New Kernel Bugs
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
openbsd-misc:

[PATCH 3/3] lib: add range check to avoid overflow simple_strtoul/ull

Online users