Re: [PATCH 1/2] sysctl: add overflow detection to proc_get_long()

From: Christian Brauner
Date: Mon Oct 15 2018 - 00:48:19 EST


On October 15, 2018 2:03:10 AM GMT+02:00, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>On Sun, Oct 14, 2018 at 08:53:46PM +0200, Christian Brauner wrote:
>
>> > Yecchh... First of all, the cast back to unsigned long long is
>completely
>> > pointless. What's more,
>>
>> Sorry, seriously asking: why? This was meant to handle the case where
>> sizeof(unsigned long long) != sizeof(unsigned long) and I just looked
>at
>> _kstrtoul() which does the same:
>>
>> int _kstrtoul(const char *s, unsigned int base, unsigned long *res)
>> {
>> unsigned long long tmp;
>> int rv;
>>
>> rv = kstrtoull(s, base, &tmp);
>> if (rv < 0)
>> return rv;
>> if (tmp != (unsigned long long)(unsigned long)tmp)
>> return -ERANGE;
>> *res = tmp;
>> return 0;
>> }
>>
>> Sorry, if I'm being dense here.
>
>C quiz:
> given that type of e1 is unsigned long long and type of e2 -
>unsigned long, what conversions are going to happen in e1 == e2?

Yeah, I know that.
As I said in my reply to Alexey before: I
thought you were saying the whole right
side of the disjunction was not needed.

I also do like the explicit recast and
followed what all of the other kstr*()
functions are doing.
Alexey sent a fix for all of them just
a few hours ago [1] which - imho - is
really not necessary. There's no harm
done by this and it's a fairly widely used
pattern.

That being said, happy to remove the
second explicit cast.

[1]: https://lkml.org/lkml/2018/10/15/22

>
>[relevant part of C standard: 6.5.9 (Equality operators),
>6.3.1.8 (Usual arithmetic conversions)]