From: Stephen Hemminger <stephen@networkplumber.org>
Sent: Wednesday, October 23, 2024 9:46 PM
To: Hanumanth Reddy Pothula <hpothula@marvell.com>
Cc: Jerin Jacob <jerinj@marvell.com>; dev@dpdk.org; Harman Kalra <hkalra@marvell.com>
Subject: [EXTERNAL] Re: [PATCH v2 1/1] event/octeontx: resolve possible integer overflow
On Wed, 23 Oct 2024 12: 45: 46 +0530 Hanumanth Pothula <hpothula@ marvell. com> wrote: > static int > -ssovf_parsekv(const char *key __rte_unused, const char *value,
void *opaque) > +ssovf_parsekv(const char *key, const char *value,
On Wed, 23 Oct 2024 12:45:46 +0530
Hanumanth Pothula <hpothula@marvell.com> wrote:
> static int
> -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
> +ssovf_parsekv(const char *key, const char *value, void *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = opaque;
> + uint64_t v;
> + char *end;
> +
> + errno = 0;
> + v = (uint8_t)strtoul(value, &end, 0);
Cast will cause truncation of large values.
Maybe:
v = strtoul(value, &end, 0);
if (errno != 0 || value == end || *end != '\0' || v > UINT8_MAX) {
...
Thanks for the review/comment.
Here, the value can only be ‘0’ or ‘1’, so truncation won’t be an issue.
> + if ((errno != 0) || (value == end) || *end != '\0') {
> + ssovf_log_err("invalid %s value %s", key, value);
> + return -EINVAL;
> + }
> +
> + *flag = !!v;
> return 0;
> }