From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.71)
	id 1avqFu-00005b-6k
	for mharc-grub-devel@gnu.org; Thu, 28 Apr 2016 14:01:38 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:55703)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <arvidjaar@gmail.com>) id 1avqFr-0008Qf-CV
	for grub-devel@gnu.org; Thu, 28 Apr 2016 14:01:36 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <arvidjaar@gmail.com>) id 1avqFn-0007S7-5D
	for grub-devel@gnu.org; Thu, 28 Apr 2016 14:01:35 -0400
Received: from mail-lf0-x22b.google.com ([2a00:1450:4010:c07::22b]:34338)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <arvidjaar@gmail.com>) id 1avqFm-0007Rq-UW
	for grub-devel@gnu.org; Thu, 28 Apr 2016 14:01:31 -0400
Received: by mail-lf0-x22b.google.com with SMTP id j11so105114383lfb.1
	for <grub-devel@gnu.org>; Thu, 28 Apr 2016 11:01:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=subject:to:references:from:message-id:date:user-agent:mime-version
	:in-reply-to:content-transfer-encoding;
	bh=hjEmG3/s5sE8JP70WRICoV1Bgj3PW0dDC0CT1c4LofA=;
	b=G3uATZGSrgHyryh43BhsP/vFDixlHpeJvJFW9aywvzblgDSrAMvMML0eHcekIIjmAP
	7sLUd0CRyHNi7ZlR3/iRXP/T0+1yWx6Cwv8eTCQN18vv++7GU2jtAUtIIGF64ImwSTyi
	RRDoypBW0dvGvQ7CWAfmtZWIM3dmNpm68HEkRJvNp+mw1sN4FG6IhahuO5eyz89X4E/K
	5ZcwxTHnulhsqI2IXybWCYjl6h8cyQqhn9O5K64xUW2solabt0/Ljwa9m7H6xQqX508G
	btsbcx7vNCmUis1S3+iXzmAYZKQARTo53t89cG01jkHhwwV0TO/CkhuVxkl/YNSBXBmB
	Vmow==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:subject:to:references:from:message-id:date
	:user-agent:mime-version:in-reply-to:content-transfer-encoding;
	bh=hjEmG3/s5sE8JP70WRICoV1Bgj3PW0dDC0CT1c4LofA=;
	b=ShLkLyrF70ej6Hv1PsCveOhhPjPKhA3ogYphFxyF9B9Udas146nlHwUyexYjj3pO3m
	VU1pl+d/PUMVTLmx4unqwmuJ7ZkcfVTxtcca4PChhiv/vdnxG4k8mLdN37IfnbYmo8gU
	NTGoo+hF+rqug7gUuKW0VyGphZdJppFB/F5uyi3QXmt5EqK+n60cJI9pQERMq6OhGtKR
	5a0g5EEHJ2eYNDSkozAVw7+sxOqzGbXDIbmQrw0SCrCDCFe+cJSz4i4FmRldewTqFssw
	eYQiyL4kikjpoBwvZRvcK/cEcWV5tBwHcoSKQ4g8wSuqYx5Tne3q0Trf8XSIYfVGmkYN
	FMWA==
X-Gm-Message-State: AOPr4FW8fqvKLAEfxgWVMsRBAfUChaKyjhagbviSNmvpR+Z95PRohszsy9u7VJ3vWQfrJQ==
X-Received: by 10.25.27.135 with SMTP id b129mr6972282lfb.102.1461866490123;
	Thu, 28 Apr 2016 11:01:30 -0700 (PDT)
Received: from [192.168.1.42] (ppp109-252-90-74.pppoe.spdop.ru.
	[109.252.90.74])
	by smtp.gmail.com with ESMTPSA id e3sm1803963lbs.48.2016.04.28.11.01.29
	for <grub-devel@gnu.org> (version=TLSv1/SSLv3 cipher=OTHER);
	Thu, 28 Apr 2016 11:01:29 -0700 (PDT)
Subject: Re: [PATCH 1/2] misc: fix invalid character recongition in strto*l
To: The development of GNU GRUB <grub-devel@gnu.org>
References: <63E370CE-24D3-45C8-AD09-506DFC023F35@fb.com>
	<0EB0A511-382A-4B85-8F09-1163009CA653@fb.com>
From: Andrei Borzenkov <arvidjaar@gmail.com>
Message-ID: <57224FF8.1010203@gmail.com>
Date: Thu, 28 Apr 2016 21:01:28 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
	Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <0EB0A511-382A-4B85-8F09-1163009CA653@fb.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2a00:1450:4010:c07::22b
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/grub-devel/>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Apr 2016 18:01:36 -0000

28.04.2016 03:53, Aaron Miller пишет:
> Would previously allow digits larger than the base and didn't check that
> subtracting the difference from 0-9 to lowercase letters for characters
> larger than 9 didn't result in a value lower than 9, which allowed the
> parses: ` = 9, _ = 8, ^ = 7, ] = 6, \ = 5, and [ = 4

Does it cause any real problem (i.e. is it 2.02 material)?

> ---
> 
> Need to move the out-of-base check to *after* the outside [0-9] handling
> or this breaks.
> 
>  grub-core/kern/misc.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c
> index 906d2c2..3653d4d 100644
> --- a/grub-core/kern/misc.c
> +++ b/grub-core/kern/misc.c
> @@ -394,9 +394,11 @@ grub_strtoull (const char *str, char **end, int base)
>        if (digit > 9)
>      {
>        digit += '0' - 'a' + 10;
> -      if (digit >= (unsigned long) base)
> +      if (digit >= (unsigned long) base || digit <= 9)

base comparison becomes redundant here. And this needs comment
explaining digit <= 9 comparison for future reference.

>          break;
>      }
> +      if (digit >= (unsigned long) base)
> +    break;
> 
>        found = 1;
>