• Richard Fitzgerald's avatar
    lib: vsprintf: Fix handling of number field widths in vsscanf · 900fdc45
    Richard Fitzgerald authored
    The existing code attempted to handle numbers by doing a strto[u]l(),
    ignoring the field width, and then repeatedly dividing to extract the
    field out of the full converted value. If the string contains a run of
    valid digits longer than will fit in a long or long long, this would
    overflow and no amount of dividing can recover the correct value.
    
    This patch fixes vsscanf() to obey number field widths when parsing
    the number.
    
    A new _parse_integer_limit() is added that takes a limit for the number
    of characters to parse. The number field conversion in vsscanf is changed
    to use this new function.
    
    If a number starts with a radix prefix, the field width  must be long
    enough for at last one digit after the prefix. If not, it will be handled
    like this:
    
     sscanf("0x4", "%1i", &i): i=0, scanning continues with the 'x'
     sscanf("0x4", "%2i", &i): i=0, scanning continues with the '4'
    
    This is consistent with the observed behaviour of userland sscanf.
    
    Note that this patch does NOT fix the problem of a single field value
    overflowing the target type. So for example:
    
      sscanf("123456789abcdef", "%x", &i);
    
    Will not produce the correct result because the value obviously overflows
    INT_MAX. But sscanf will report a successful conversion.
    
    Note that where a very large number is used to mean "unlimited", the value
    INT_MAX is used for consistency with the behaviour of vsnprintf().
    Signed-off-by: default avatarRichard Fitzgerald <rf@opensource.cirrus.com>
    Reviewed-by: default avatarPetr Mladek <pmladek@suse.com>
    Signed-off-by: default avatarPetr Mladek <pmladek@suse.com>
    Link: https://lore.kernel.org/r/20210514161206.30821-2-rf@opensource.cirrus.com
    900fdc45
kstrtox.c 10.7 KB