Re: [Patch 1/3] sysctl: refactor integer handling proc code

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Cong Wang <amwang@redhat.com>
To: Octavian Purdila <opurdila@ixiacom.com>
Cc: Changli Gao <xiaosuo@gmail.com>,
	linux-kernel@vger.kernel.org,
	Eric Dumazet <eric.dumazet@gmail.com>,
	netdev@vger.kernel.org, Neil Horman <nhorman@tuxdriver.com>,
	David Miller <davem@davemloft.net>,
	ebiederm@xmission.com
Subject: Re: [Patch 1/3] sysctl: refactor integer handling proc code
Date: Mon, 12 Apr 2010 14:30:15 +0800	[thread overview]
Message-ID: <4BC2BDF7.6020900@redhat.com> (raw)
In-Reply-To: <201004091640.44056.opurdila@ixiacom.com>

Octavian Purdila wrote:
> Hi and thanks for reviewing.
> 
> On Friday 09 April 2010 13:49:12 you wrote:
>>> + *
>>> + * In case of success 0 is returned and buf and size are updated with
>>> + * the amount of bytes read. If tr is non NULL and a trailing
>>> + * character exist (size is non zero after returning from this
>>> + * function) tr is updated with the trailing character.
>>> + */
>>> +static int proc_get_ulong(char __user **buf, size_t *size,
>>> +                         unsigned long *val, bool *neg,
>>> +                         const char *perm_tr, unsigned perm_tr_len, char
>>> *tr) +{
>>> +       int len;
>>> +       char *p, tmp[TMPBUFLEN];
>>> +
>>> +       if (!*size)
>>> +               return -EINVAL;
>>> +
>>> +       len = *size;
>>> +       if (len > TMPBUFLEN-1)
>>> +               len = TMPBUFLEN-1;
>>> +
>>> +       if (copy_from_user(tmp, *buf, len))
>>> +               return -EFAULT;
>>> +
>>> +       tmp[len] = 0;
>>> +       p = tmp;
>>> +       if (*p == '-' && *size > 1) {
>>> +               *neg = 1;
>>> +               p++;
>>> +       } else
>>> +               *neg = 0;
>> the function name implies that it is used to parse unsigned long, so
>> negative value should not be supported.
>>
> 
> My intention was to signal that the argument is unsigned long and that the 
> sign come separate in neg, but I am OK with changing the function name to 
> proc_get_long() if you think that is better.
> 
>>> +       if (!isdigit(*p))
>>> +               return -EINVAL;
>> It seems that ledding white space should be allowed, so this check
>> isn't needed, and simple_strtoul can handle it.
>>
> 
> Leading white space is skipped with proc_skip_space before calling this 
> function. AFAICS simple_strtoul does not handle whitespaces.


Right, callers already skip spaces.

> 
>>> +
>>> +       *val = simple_strtoul(p, &p, 0);
>>> +
>>> +       len = p - tmp;
>>> +
>>> +       /* We don't know if the next char is whitespace thus we may
>>> accept +        * invalid integers (e.g. 1234...a) or two integers
>>> instead of one +        * (e.g. 123...1). So lets not allow such large
>>> numbers. */ +       if (len == TMPBUFLEN - 1)
>>> +               return -EINVAL;
>>> +
>>> +       if (len < *size && perm_tr_len && !isanyof(*p, perm_tr,
>>> perm_tr_len)) +               return -EINVAL;
>> is strspn() better?
>>
> 
> I don't  think it will work out, \0 is an accepted trailer for many of the 
> function which use this function.
> 

Yes, that is why 'len' is the last parameter of isanyof().


> 
>>> +
>>> +       if (tr && (len < *size))
>>> +               *tr = *p;
>>> +
>>> +       *buf += len;
>>> +       *size -= len;
>>> +
>>> +       return 0;
>>> +}
>>> +
>>> +/**
>>> + * proc_put_ulong - coverts an integer to a decimal ASCII formated
>>> string + *
>>> + * @buf - the user buffer
>>> + * @size - the size of the user buffer
>>> + * @val - the integer to be converted
>>> + * @neg - sign of the number, %TRUE for negative
>>> + * @first - if %FALSE will insert a separator character before the
>>> number + * @separator - the separator character
>>> + *
>>> + * In case of success 0 is returned and buf and size are updated with
>>> + * the amount of bytes read.
>>> + */
>>> +static int proc_put_ulong(char __user **buf, size_t *size, unsigned long
>>> val, +                         bool neg, bool first, char separator)
>>> +{
>>> +       int len;
>>> +       char tmp[TMPBUFLEN], *p = tmp;
>>> +
>>> +       if (!first)
>>> +               *p++ = separator;
>>> +       sprintf(p, "%s%lu", neg ? "-" : "", val);
>> negative should not be supported too.
>>
> 
> We need negatives in proc_dointvec, again we can change the function name if 
> it will clear things up.
> 


Yeah, I will change them to proc_{get,put}_long().


> <snip>
>>>                int val = *valp;
>>>                unsigned long lval;
>>>                if (val < 0) {
>>> -                       *negp = -1;
>>> +                       *negp = 1;
>>>                        lval = (unsigned long)-val;
>>>                } else {
>>>                        *negp = 0;
>> These functions have so much lines of code. I think you can make them
>> less. Please refer to strsep().
>>
> 
> Hmm, the input its pretty permissive and maybe this is why it looks so fat, we 
> need to account for quite a few cases. 
> 

Because the original code is messy and already has much lines.

Thanks.

next prev parent reply	other threads:[~2010-04-12  6:26 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-04-09 10:10 [Patch v7 0/3] net: reserve ports for applications using fixed port numbers Amerigo Wang
2010-04-09 10:11 ` [Patch 1/3] sysctl: refactor integer handling proc code Amerigo Wang
2010-04-09 10:49   ` Changli Gao
2010-04-09 13:40     ` Octavian Purdila
2010-04-12  6:30       ` Cong Wang [this message]
2010-04-09 10:11 ` [Patch 2/3] sysctl: add proc_do_large_bitmap Amerigo Wang
2010-04-09 10:33   ` Changli Gao
2010-04-09 12:35     ` Octavian Purdila
2010-04-12  6:32     ` Cong Wang
2010-04-09 10:11 ` [Patch 3/3] net: reserve ports for applications using fixed port numbers Amerigo Wang
2010-04-09 13:21   ` Tetsuo Handa
2010-04-12  6:52     ` Cong Wang
2010-04-12  7:06       ` Tetsuo Handa
  -- strict thread matches above, loose matches on Subject: below --
2010-04-12 10:03 [Patch v8 0/3] " Amerigo Wang
2010-04-12 10:04 ` [Patch 1/3] sysctl: refactor integer handling proc code Amerigo Wang
2010-04-12 10:18   ` Alexey Dobriyan
2010-04-13  7:35     ` Cong Wang
2010-04-12 10:18   ` Alexey Dobriyan
2010-04-30  8:25 [Patch v9 0/3] net: reserve ports for applications using fixed port numbers Amerigo Wang
2010-04-30  8:25 ` [Patch 1/3] sysctl: refactor integer handling proc code Amerigo Wang
2010-04-30 22:49   ` Changli Gao
2010-05-05  3:02     ` Cong Wang
2010-05-05 10:26 [Patch v10 0/3] net: reserve ports for applications using fixed port numbers Amerigo Wang
2010-05-05 10:26 ` [Patch 1/3] sysctl: refactor integer handling proc code Amerigo Wang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4BC2BDF7.6020900@redhat.com \
    --to=amwang@redhat.com \
    --cc=davem@davemloft.net \
    --cc=ebiederm@xmission.com \
    --cc=eric.dumazet@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=nhorman@tuxdriver.com \
    --cc=opurdila@ixiacom.com \
    --cc=xiaosuo@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).