[ovs-dev] [PATCH] lib/util: Input validation in str_to_uint
Zoltan Kiss
zoltan.kiss at citrix.com
Tue Apr 22 17:27:18 UTC 2014
This function returns true when 's' is negative or greater than UINT_MAX. Also,
the representation of 'int' and 'unsigned int' is implementation dependent, so
converting [INT_MAX..UINT_MAX] values with str_to_int is fragile.
Instead, we should convert straight to 'long long' and do a boundary check
before returning the converted value.
Signed-off-by: Zoltan Kiss <zoltan.kiss at citrix.com>
---
diff --git a/lib/util.h b/lib/util.h
index aff17a5..9b677c5 100644
--- a/lib/util.h
+++ b/lib/util.h
@@ -294,7 +294,16 @@ bool str_to_llong(const char *, int base, long long *);
static inline bool
str_to_uint(const char *s, int base, unsigned int *u)
{
- return str_to_int(s, base, (int *) u);
+ long long ll;
+ bool ok = str_to_llong(s, base, &ll);
+ if (OVS_UNLIKELY(!ok || (ll < 0) || (ll > UINT_MAX))) {
+ *u = 0;
+ return false;
+ }
+ else {
+ *u = ll;
+ return true;
+ }
}
static inline bool
More information about the dev
mailing list