mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
lib: vsprintf: Fix handling of number field widths in vsscanf
The existing code attempted to handle numbers by doing a strto[u]l(),
ignoring the field width, and then repeatedly dividing to extract the
field out of the full converted value. If the string contains a run of
valid digits longer than will fit in a long or long long, this would
overflow and no amount of dividing can recover the correct value.
This patch fixes vsscanf() to obey number field widths when parsing
the number.
A new _parse_integer_limit() is added that takes a limit for the number
of characters to parse. The number field conversion in vsscanf is changed
to use this new function.
If a number starts with a radix prefix, the field width must be long
enough for at last one digit after the prefix. If not, it will be handled
like this:
sscanf("0x4", "%1i", &i): i=0, scanning continues with the 'x'
sscanf("0x4", "%2i", &i): i=0, scanning continues with the '4'
This is consistent with the observed behaviour of userland sscanf.
Note that this patch does NOT fix the problem of a single field value
overflowing the target type. So for example:
sscanf("123456789abcdef", "%x", &i);
Will not produce the correct result because the value obviously overflows
INT_MAX. But sscanf will report a successful conversion.
Note that where a very large number is used to mean "unlimited", the value
INT_MAX is used for consistency with the behaviour of vsnprintf().
Signed-off-by: Richard Fitzgerald <rf@opensource.cirrus.com>
Reviewed-by: Petr Mladek <pmladek@suse.com>
Signed-off-by: Petr Mladek <pmladek@suse.com>
Link: https://lore.kernel.org/r/20210514161206.30821-2-rf@opensource.cirrus.com
This commit is contained in:
Richard Fitzgerald
Petr Mladek
parent
11b3dda5e8
commit
900fdc4573
3 changed files with 60 additions and 37 deletions
|
|
@ -39,20 +39,22 @@ const char *_parse_integer_fixup_radix(const char *s, unsigned int *base)
|
|||
|
||||
/*
|
||||
* Convert non-negative integer string representation in explicitly given radix
|
||||
* to an integer.
|
||||
* to an integer. A maximum of max_chars characters will be converted.
|
||||
*
|
||||
* Return number of characters consumed maybe or-ed with overflow bit.
|
||||
* If overflow occurs, result integer (incorrect) is still returned.
|
||||
*
|
||||
* Don't you dare use this function.
|
||||
*/
|
||||
unsigned int _parse_integer(const char *s, unsigned int base, unsigned long long *p)
|
||||
unsigned int _parse_integer_limit(const char *s, unsigned int base, unsigned long long *p,
|
||||
size_t max_chars)
|
||||
{
|
||||
unsigned long long res;
|
||||
unsigned int rv;
|
||||
|
||||
res = 0;
|
||||
rv = 0;
|
||||
while (1) {
|
||||
while (max_chars--) {
|
||||
unsigned int c = *s;
|
||||
unsigned int lc = c | 0x20; /* don't tolower() this line */
|
||||
unsigned int val;
|
||||
|
|
@ -82,6 +84,11 @@ unsigned int _parse_integer(const char *s, unsigned int base, unsigned long long
|
|||
return rv;
|
||||
}
|
||||
|
||||
unsigned int _parse_integer(const char *s, unsigned int base, unsigned long long *p)
|
||||
{
|
||||
return _parse_integer_limit(s, base, p, INT_MAX);
|
||||
}
|
||||
|
||||
static int _kstrtoull(const char *s, unsigned int base, unsigned long long *res)
|
||||
{
|
||||
unsigned long long _res;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue