From: Stephen Hemminger <step...@networkplumber.org> Sent: Wednesday, October 23, 2024 9:46 PM To: Hanumanth Reddy Pothula <hpoth...@marvell.com> Cc: Jerin Jacob <jer...@marvell.com>; dev@dpdk.org; Harman Kalra <hka...@marvell.com> Subject: [EXTERNAL] Re: [PATCH v2 1/1] event/octeontx: resolve possible integer overflow
On Wed, 23 Oct 2024 12: 45: 46 +0530 Hanumanth Pothula <hpothula@ marvell. com> wrote: > static int > -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque) > +ssovf_parsekv(const char *key, const char *value, On Wed, 23 Oct 2024 12:45:46 +0530 Hanumanth Pothula <hpoth...@marvell.com<mailto:hpoth...@marvell.com>> wrote: > static int > -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque) > +ssovf_parsekv(const char *key, const char *value, void *opaque) > { > - int *flag = opaque; > - *flag = !!atoi(value); > + uint8_t *flag = opaque; > + uint64_t v; > + char *end; > + > + errno = 0; > + v = (uint8_t)strtoul(value, &end, 0); Cast will cause truncation of large values. Maybe: v = strtoul(value, &end, 0); if (errno != 0 || value == end || *end != '\0' || v > UINT8_MAX) { ... Thanks for the review/comment. Here, the value can only be ‘0’ or ‘1’, so truncation won’t be an issue. > + if ((errno != 0) || (value == end) || *end != '\0') { > + ssovf_log_err("invalid %s value %s", key, value); > + return -EINVAL; > + } > + > + *flag = !!v; > return 0; > }
