Re: [PATCH v8 02/10] lib: kstrtox: add kstrntoull() helper

[David Laight]

On Tue, 10 Mar 2026 09:26:11 +0000
Rodrigo Alencar <455.rodrigo.alencar@xxxxxxxxx> wrote:

> On 26/03/04 11:41AM, Rodrigo Alencar wrote:
> > On 26/03/04 10:16AM, David Laight wrote:  
> > > On Tue, 03 Mar 2026 13:27:07 +0000
> > > Rodrigo Alencar via B4 Relay <devnull+rodrigo.alencar.analog.com@xxxxxxxxxx> wrote:
> > >   
> > > > From: Rodrigo Alencar <rodrigo.alencar@xxxxxxxxxx>
> > > > 
> > > > Add kstrntoull() function, which converts a string to an ULL with a max
> > > > character limit. The function is an alternative integer parsing function
> > > > that does not require a null-terminated string. It becomes a better option
> > > > over simple_strtoull() or kstrtoull() when parsing integers from a buffer
> > > > with custom delimiters without having to create temporary copies.
> > > > The function is consumed inside the implementation _kstrtoull(),
> > > > promoting reuse.  
> > > 
> > > If you've got custom delimiters use a function that returns a pointer
> > > to the character that terminated the conversion.
> > > They save you having to find the delimiter as well as taking a copy.  
> > 
> > understood, how about this prototype then:
> > 
> > const char __must_check *kstrntoull(const char *s, unsigned int base,
> > 				    unsigned long long *res, size_t max_chars); 
> > 
> > to be used like:
> > 
> > 	end = kstrntoull(s, base, &res, INT_MAX);
> > 	if (IS_ERR(end)) {
> > 		/* return or handle error */
> > 		return PTR_ERR(end);
> > 	}  
> 
> Hi David,
> 
> Do you have any other feedback? the function prototype can also be changed as
> follows:
> 
> int __must_check *kstrntoull(const char *s, const char **endp, unsigned int base,
> 			     unsigned long long *res, size_t max_chars);
> 
> so that a pointer to the terminated character is passes as a parameter.
> which one would be the preference?
> 

I really don't see why you need to add 'yet another' function for parsing
integers.
Having to pre-scan the string for a separator seems just wrong.
The userspace strtoul() family do everything quite nicely apart from
overflow/limit checking.
There are a few options for overflow:
- Ignore it, this used to be what posix/sus allowed for command lines.
- Saturate.
- Return a pointer to the digit that makes the value too big as the
  termination character - since the code will typically expect one
  of ",.:-" this will be a syntax error.

It might be worth adding a parameter for the maximum value.
Then you only need one real function for 32bit and 64bit values.
But you also really want the use the function return value for the
converted number (for all sorts of reasons).

	David