Message ID | 1682045502-13760-1-git-send-email-wangyunjian@huawei.com |
---|---|
State | Superseded |
Headers | show |
Series | [ovs-dev,v2] ofp-parse: Check ranges on string to uint32_t conversion. | expand |
Context | Check | Description |
---|---|---|
ovsrobot/apply-robot | success | apply and check: success |
ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
ovsrobot/intel-ovs-compilation | success | test: success |
On 21 Apr 2023, at 4:51, Yunjian Wang via dev wrote: > An unnecessarily overflow would occurs when the 'value' is longer than > 4294967295. So it's required to check ranges to avoid uint32_t overflow. > > Reported-by: Nan Zhou <zhounan14@huawei.com> > Signed-off-by: Yunjian Wang <wangyunjian@huawei.com> > --- > v2: fix patch code styles > --- > lib/ofp-parse.c | 7 ++----- > 1 file changed, 2 insertions(+), 5 deletions(-) > > diff --git a/lib/ofp-parse.c b/lib/ofp-parse.c > index a90b926ef..f3a645c5c 100644 > --- a/lib/ofp-parse.c > +++ b/lib/ofp-parse.c > @@ -71,16 +71,13 @@ str_to_u16(const char *str, const char *name, uint16_t *valuep) > char * OVS_WARN_UNUSED_RESULT > str_to_u32(const char *str, uint32_t *valuep) > { > - char *tail; > - uint32_t value; > + long long value; > > if (!str[0]) { > return xstrdup("missing required numeric argument"); > } > > - errno = 0; > - value = strtoul(str, &tail, 0); > - if (errno == EINVAL || errno == ERANGE || *tail) { > + if (!str_to_llong(str, 0, &value) || value < 0 || value > UINT32_MAX) { The change looks good, but I would use str_to_ullong() here, as we are unsigned. > return xasprintf("invalid numeric format %s", str); > } > *valuep = value; > -- > 2.27.0 > > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev
diff --git a/lib/ofp-parse.c b/lib/ofp-parse.c index a90b926ef..f3a645c5c 100644 --- a/lib/ofp-parse.c +++ b/lib/ofp-parse.c @@ -71,16 +71,13 @@ str_to_u16(const char *str, const char *name, uint16_t *valuep) char * OVS_WARN_UNUSED_RESULT str_to_u32(const char *str, uint32_t *valuep) { - char *tail; - uint32_t value; + long long value; if (!str[0]) { return xstrdup("missing required numeric argument"); } - errno = 0; - value = strtoul(str, &tail, 0); - if (errno == EINVAL || errno == ERANGE || *tail) { + if (!str_to_llong(str, 0, &value) || value < 0 || value > UINT32_MAX) { return xasprintf("invalid numeric format %s", str); } *valuep = value;
An unnecessarily overflow would occurs when the 'value' is longer than 4294967295. So it's required to check ranges to avoid uint32_t overflow. Reported-by: Nan Zhou <zhounan14@huawei.com> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com> --- v2: fix patch code styles --- lib/ofp-parse.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-)