[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH -next 2/3] xen: balloon: Replaced simple_strtoull() with kstrtoull()
On Thu, May 27, 2021 at 02:10:21PM +0000, David Laight wrote: > From: Chen Huang > > Sent: 26 May 2021 10:20 > > > > The simple_strtoull() function is deprecated in some situation, since > > it does not check for the range overflow, use kstrtoull() instead. > > > ... > > - target_bytes = simple_strtoull(buf, &endchar, 0) * 1024; > > + ret = kstrtoull(buf, 0, &target_bytes); > > + if (ret) > > + return ret; > > + target_bytes *= 1024; > > I'd have thought it was more important to check *endchar > than overflow. That's one of the differences between simple_strtoull() and kstrtoull(). The simple_strtoull() will accept a string like "123ABC", but kstrtoull() will only accept NUL terminated numbers or a newline followed by a NUL terminator. Which is fine in this context because users will be doing "echo 1234 > /sys/foo". > If you are worried about overflow you need a range check > before the multiply. This is probably a case where if the users cause an integer overflow then they get what they deserve. regards, dan carpenter
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |