| Message ID | 20180830223847.1803-1-honli@redhat.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Delegated to: | Hal Rosenstock |
| Headers | show |
| Series | [opensm,v2,1/2] osm_prtn_config.c: Sanity check the value of mgroup_flag flag | expand |
On Fri, Aug 31, 2018 at 06:38:46AM +0800, Honggang LI wrote: > From: Honggang Li <honli@redhat.com> > > As all flags are unsigned integer in different size, sanity check the > value before covert the value to unsigned integer with 'strtoul'. Isn't strtoul should do his job? From man: "If endptr is not NULL, strtoul() stores the address of the first invalid character in *endptr". > > Signed-off-by: Honggang Li <honli@redhat.com> > --- > opensm/osm_prtn_config.c | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > > diff --git a/opensm/osm_prtn_config.c b/opensm/osm_prtn_config.c > index f76ad4d4..16b61204 100644 > --- a/opensm/osm_prtn_config.c > +++ b/opensm/osm_prtn_config.c > @@ -273,6 +273,19 @@ static int parse_group_flag(unsigned lineno, osm_log_t * p_log, > { > int rc = 0; > int len = strlen(flag); > + > + char *tmp = val; > + while (tmp && '\0' != *tmp) { > + if (!isxdigit(*tmp)) { > + OSM_LOG(p_log, OSM_LOG_VERBOSE, > + "PARSE WARN: line %d: " > + "suspicious val=(%s) detected. " > + "flag=(%s)\n", lineno, val, flag); > + return rc; > + } > + tmp++; > + } > + > if (!strncmp(flag, "mtu", len)) { > rc = 1; > if (!val || (flags->mtu = strtoul(val, NULL, 0)) == 0) > -- > 2.14.4 >
On Mon, Sep 03, 2018 at 12:49:42PM +0300, Yuval Shaia wrote: > On Fri, Aug 31, 2018 at 06:38:46AM +0800, Honggang LI wrote: > > From: Honggang Li <honli@redhat.com> > > > > As all flags are unsigned integer in different size, sanity check the > > value before covert the value to unsigned integer with 'strtoul'. > > Isn't strtoul should do his job? > From man: > "If endptr is not NULL, strtoul() stores the address of the first invalid > character in *endptr". > Agreed. Please drop this patch and review new patch: "parse_group_flag log suspicious group flag value" thanks
diff --git a/opensm/osm_prtn_config.c b/opensm/osm_prtn_config.c index f76ad4d4..16b61204 100644 --- a/opensm/osm_prtn_config.c +++ b/opensm/osm_prtn_config.c @@ -273,6 +273,19 @@ static int parse_group_flag(unsigned lineno, osm_log_t * p_log, { int rc = 0; int len = strlen(flag); + + char *tmp = val; + while (tmp && '\0' != *tmp) { + if (!isxdigit(*tmp)) { + OSM_LOG(p_log, OSM_LOG_VERBOSE, + "PARSE WARN: line %d: " + "suspicious val=(%s) detected. " + "flag=(%s)\n", lineno, val, flag); + return rc; + } + tmp++; + } + if (!strncmp(flag, "mtu", len)) { rc = 1; if (!val || (flags->mtu = strtoul(val, NULL, 0)) == 0)