When a numerical command line param value is out of range or contains
garbage (both tgtd and tgtadm), this remains unchecked in many cases.
In some of them 0 value will be used, which may lead to unpredicted or
"silently" faulty behavior.
This fix defines a new macro str_to_val() which uses strtoull() and
detects its errors properly, by checking
1) errno (range errors) and 2) comparing endptr to the original argument
(they remain equal in case of non-numerical garbage);
created
Signed-off-by: Alexander Nezhinsky <alexandern@xxxxxxxxxxxx>
---
usr/util.h | 19 +++++++++++++++++++
1 files changed, 19 insertions(+), 0 deletions(-)
diff --git a/usr/util.h b/usr/util.h
index d4e9406..d362903 100644
--- a/usr/util.h
+++ b/usr/util.h
@@ -8,6 +8,7 @@
#include <signal.h>
#include <syscall.h>
#include <unistd.h>
+#include <limits.h>
#include <linux/types.h>
#include "be_byteshift.h"
@@ -138,4 +139,22 @@ struct signalfd_siginfo {
};
#endif
+#define str_to_val(str, name, val, minv, maxv) \
+({ \
+ char *ptr; \
+ int ret = 0; \
+ val = (typeof(val)) strtoull(str, &ptr, 0); \
+ if (errno || ptr == str) { \
+ eprintf("%s value '%s' invalid\n", \
+ name ? name : "", str); \
+ ret = EINVAL; \
+ } \
+ else if (val < minv || val > maxv) { \
+ eprintf("%s value '%s' out of range\n", \
+ name ? name : "", str); \
+ ret = ERANGE; \
+ } \
+ ret; \
+})
+
#endif
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
