Date: Tue, 11 Dec 2018 20:04:58 +0200
From: Andy Shevchenko
To: Linus Torvalds
Cc: thomas.preston@codethink.co.uk, Andrew Morton, Petr Mladek, Steven Rostedt, geert+renesas@glider.be, Jonathan Corbet, tcharding, Sergey Senozhatsky, Linux List Kernel Mailing, ben.dooks@codethink.co.uk
Subject: Re: [PATCH 2/2] vsprintf: Stop using obsolete simple_strtoul()
Message-ID: <20181211180458.GE10650@smile.fi.intel.com>
References: <20181211152113.8523-1-thomas.preston@codethink.co.uk>
 <20181211152113.8523-3-thomas.preston@codethink.co.uk>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Dec 11, 2018 at 09:22:22AM -0800, Linus Torvalds wrote:
> On Tue, Dec 11, 2018 at 7:21 AM Thomas Preston wrote:
> >
> > Stop using the obsolete functions simple_strtoul() and
> > simple_strtoull(). Instead, we should use the improved kstrtol() and
> > kstrtoll() functions. To do this, we must copy the current field into a
> > null-terminated tmpstr and advance the variable `next` manually.
>
> I see what you're trying to do, but this fix is much much worse than
> the bug was.
>
> > + if (field_width > 0) {
> > + char tmpstr[INT_BUF_LEN];
> > + int ret;
> > +
> > + strscpy(tmpstr, str, field_width+1);
>
> If field_width is larger than INT_BUF_LEN, you are now corrupting kernel stack.
>
> And no, you can't fix it by limiting field_width, since a large
> field_width is quite possible and might even be valid - and still fit
> in an int. Maybe the number is
>
>     000000000000000000000001
>
> or something?
>
> A fix might be to skip leading zeroes.
>
> Honestly, just do it by hand. Don't use kstrtol and friends at all.
> Just do something like
>
>     unsigned long long val = 0;
>     p = str;
>     for (;;) {
>         int c;
>         if (field_width > 0 && p - str >= field_width)
>             break;
>         c = hexval(*p++);
>         if (c < 0 || c > base)
>             break;
>         val = val * base + c;
>         // check for overflow

I think it's slightly more complicated, I ran the following test case on glibc:

	uint32_t hi, lo, t;

	sscanf("00fafafafa0d0b0b0b0c000000", "%8x%8x%x", &hi, &lo, &t);

64-bit:
HI: 00fafafa LO: fa0d0b0b (c000000)
32-bit:
HI: 00fafafa LO: fa0d0b0b (ffffffff)

>     }
>     /* Now do "sign" and range checking on val */
>     /* Ta-daa, all done */
>
> or similar. Treat the above as pseudo-code, I didn't fill in all the details.
>
>               Linus

-- 
With Best Regards,
Andy Shevchenko
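
Review bot: in the added `if (field_width > 0)` block, `strscpy(tmpstr, str, field_width+1);` takes its size limit from the format string's field_width instead of from the destination, so any field_width of INT_BUF_LEN or more writes past `tmpstr` on the stack. The limit passed to strscpy() should be sizeof(tmpstr), but clamping alone would truncate long yet valid fields such as a value padded with leading zeroes, so the copy needs either leading-zero skipping in front of it or to be replaced by parsing the digits in place. Nothing in the visible lines checks the strscpy() result either; a negative return means the field was truncated and should end the conversion.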
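
The in-place, width-bounded parsing discussed in this thread, written out as an added example; it is not code from the thread or from the kernel. `parse_field()` and its signature are hypothetical, and the body of `hexval()` is assumed, since the quoted pseudo-code only names it.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Value of a digit character, or -1 if it is not a hex digit. */
static int hexval(char ch)
{
	if (ch >= '0' && ch <= '9') return ch - '0';
	if (ch >= 'a' && ch <= 'f') return ch - 'a' + 10;
	if (ch >= 'A' && ch <= 'F') return ch - 'A' + 10;
	return -1;
}

/*
 * Hypothetical helper, not a kernel API: parse at most field_width digits
 * (no limit when field_width <= 0) in place, so no temporary buffer exists
 * to overrun. base is 2..16. Returns the characters consumed; on overflow
 * *val saturates to ULLONG_MAX and *overflow is set.
 */
static size_t parse_field(const char *str, int field_width, unsigned int base,
			  unsigned long long *val, int *overflow)
{
	const char *p = str;
	unsigned long long v = 0;

	*overflow = 0;
	for (; field_width <= 0 || p - str < field_width; p++) {
		int c = hexval(*p);
		if (c < 0 || (unsigned int)c >= base)	/* digit must be < base */
			break;
		if (v > (ULLONG_MAX - (unsigned int)c) / base) {
			*overflow = 1;		/* v * base + c would wrap */
			v = ULLONG_MAX;
		} else {
			v = v * base + (unsigned int)c;
		}
	}
	*val = v;
	return (size_t)(p - str);
}

int main(void)
{
	unsigned long long v;
	int ovf;
	/* Third field (%x) of the sscanf() input quoted in the mail above. */
	size_t n = parse_field("0b0c000000", 0, 16, &v, &ovf);
	printf("consumed=%zu val=%llx fits_u32=%d\n", n, v, !ovf && v <= 0xffffffffULL);
	return 0;
}
```

The caller still has to range-check the result against the destination type: the third field parses cleanly as a 64-bit value but does not fit the `uint32_t` target of the test case.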