mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-15 00:04:15 +08:00
900fdc4573
The existing code attempted to handle numbers by doing a strto[u]l(), ignoring the field width, and then repeatedly dividing to extract the field out of the full converted value. If the string contains a run of valid digits longer than will fit in a long or long long, this would overflow and no amount of dividing can recover the correct value. This patch fixes vsscanf() to obey number field widths when parsing the number. A new _parse_integer_limit() is added that takes a limit for the number of characters to parse. The number field conversion in vsscanf is changed to use this new function. If a number starts with a radix prefix, the field width must be long enough for at last one digit after the prefix. If not, it will be handled like this: sscanf("0x4", "%1i", &i): i=0, scanning continues with the 'x' sscanf("0x4", "%2i", &i): i=0, scanning continues with the '4' This is consistent with the observed behaviour of userland sscanf. Note that this patch does NOT fix the problem of a single field value overflowing the target type. So for example: sscanf("123456789abcdef", "%x", &i); Will not produce the correct result because the value obviously overflows INT_MAX. But sscanf will report a successful conversion. Note that where a very large number is used to mean "unlimited", the value INT_MAX is used for consistency with the behaviour of vsnprintf(). Signed-off-by: Richard Fitzgerald <rf@opensource.cirrus.com> Reviewed-by: Petr Mladek <pmladek@suse.com> Signed-off-by: Petr Mladek <pmladek@suse.com> Link: https://lore.kernel.org/r/20210514161206.30821-2-rf@opensource.cirrus.com
12 lines
411 B
C
12 lines
411 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _LIB_KSTRTOX_H
|
|
#define _LIB_KSTRTOX_H
|
|
|
|
#define KSTRTOX_OVERFLOW (1U << 31)
|
|
const char *_parse_integer_fixup_radix(const char *s, unsigned int *base);
|
|
unsigned int _parse_integer_limit(const char *s, unsigned int base, unsigned long long *res,
|
|
size_t max_chars);
|
|
unsigned int _parse_integer(const char *s, unsigned int base, unsigned long long *res);
|
|
|
|
#endif
|