{"id":16035,"url":"https://patchwork.libcamera.org/api/1.1/patches/16035/?format=json","web_url":"https://patchwork.libcamera.org/patch/16035/","project":{"id":1,"url":"https://patchwork.libcamera.org/api/1.1/projects/1/?format=json","name":"libcamera","link_name":"libcamera","list_id":"libcamera_core","list_email":"libcamera-devel@lists.libcamera.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20220524225816.6830-10-laurent.pinchart@ideasonboard.com>","date":"2022-05-24T22:58:13","name":"[libcamera-devel,RFC,09/12] libcamera: yaml_parser: Fix range checks for 32-bit integers","commit_ref":null,"pull_url":null,"state":"accepted","archived":false,"hash":"5b3f51e79c7f1ebbff7c40ae7fcac489ad1b28a8","submitter":{"id":2,"url":"https://patchwork.libcamera.org/api/1.1/people/2/?format=json","name":"Laurent Pinchart","email":"laurent.pinchart@ideasonboard.com"},"delegate":null,"mbox":"https://patchwork.libcamera.org/patch/16035/mbox/","series":[{"id":3135,"url":"https://patchwork.libcamera.org/api/1.1/series/3135/?format=json","web_url":"https://patchwork.libcamera.org/project/libcamera/list/?series=3135","date":"2022-05-24T22:58:04","name":"Replace boost JSON parser with libyaml in Raspberry Pi IPA","version":1,"mbox":"https://patchwork.libcamera.org/series/3135/mbox/"}],"comments":"https://patchwork.libcamera.org/api/patches/16035/comments/","check":"pending","checks":"https://patchwork.libcamera.org/api/patches/16035/checks/","tags":{},"headers":{"Return-Path":"","X-Original-To":"parsemail@patchwork.libcamera.org","Delivered-To":"parsemail@patchwork.libcamera.org","Received":["from lancelot.ideasonboard.com (lancelot.ideasonboard.com\n\t[92.243.16.209])\n\tby patchwork.libcamera.org (Postfix) with ESMTPS id 47EE3C326D\n\tfor ;\n\tTue, 24 May 2022 22:58:39 +0000 (UTC)","from lancelot.ideasonboard.com (localhost [IPv6:::1])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTP id E4B6F65680;\n\tWed, 25 May 2022 00:58:38 +0200 (CEST)","from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id D8B1565663\n\tfor ;\n\tWed, 25 May 2022 00:58:29 +0200 (CEST)","from pendragon.ideasonboard.com (ip-109-40-241-133.web.vodafone.de\n\t[109.40.241.133])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id 4730D1287;\n\tWed, 25 May 2022 00:58:29 +0200 (CEST)"],"DKIM-Signature":["v=1; a=rsa-sha256; c=relaxed/simple; d=libcamera.org;\n\ts=mail; t=1653433118;\n\tbh=q5bcKpUKf2VCUYBU6wO/nSr1MvL3jZOliCxcDfokEEo=;\n\th=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe:\n\tList-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:\n\tFrom;\n\tb=zLGkl0oqi3TYWg7sq3CHYyreJasoWefk55gnHvVZPl9eGSodlgID+8B5pkOs0Zz3q\n\tl6bJYGt5AobNYwEp9NY2RTG7peOghESyRJWhfIyPGCkJvmGs12EftWRvA1A52zE6b+\n\tzDX9p8op5DPMG7g9ExW1qPuA9DmJhEVBeWmAAWOqiM34e7kbGU6it4/eou/DtYqI0X\n\tNt9/R6tqfwWo9dJbKqGfCRQdgngODP4cDTNvWM5huN9bwytf7bm4BkMeLpwqzH1xBC\n\tVg4osPIuvoYK9U7UmjQ5fY4VszChac4oK3j5/KwvpG4Rv7fe6usGtf9T5LZk3mynNX\n\tvinjf8ZMCb8bQ==","v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1653433109;\n\tbh=q5bcKpUKf2VCUYBU6wO/nSr1MvL3jZOliCxcDfokEEo=;\n\th=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n\tb=ijFG2eamASjaq2uNB1q/vWEkPwjqmnoLdrAQtFsOYF12dvzkFQS/TF5wt54oJBtAh\n\tEmZw8GsnOv4nQJA3t00caBtqcGPKUghKSaQ4jVLt5Ox5s6RY3iTbJVL22X4Y7crSBo\n\t4A2Rbfm/uxIMU1YvzRhcG421MwpfkWkr7/a3o56k="],"Authentication-Results":"lancelot.ideasonboard.com; dkim=pass (1024-bit key; \n\tunprotected) header.d=ideasonboard.com\n\theader.i=@ideasonboard.com\n\theader.b=\"ijFG2eam\"; dkim-atps=neutral","To":"libcamera-devel@lists.libcamera.org","Date":"Wed, 25 May 2022 01:58:13 +0300","Message-Id":"<20220524225816.6830-10-laurent.pinchart@ideasonboard.com>","X-Mailer":"git-send-email 2.35.1","In-Reply-To":"<20220524225816.6830-1-laurent.pinchart@ideasonboard.com>","References":"<20220524225816.6830-1-laurent.pinchart@ideasonboard.com>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","Subject":"[libcamera-devel] [RFC PATCH 09/12] libcamera: yaml_parser: Fix\n\trange checks for 32-bit integers","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","From":"Laurent Pinchart via libcamera-devel\n\t","Reply-To":"Laurent Pinchart ","Errors-To":"libcamera-devel-bounces@lists.libcamera.org","Sender":"\"libcamera-devel\" "},"content":"The strtol() and strtoul() functions return long integers, which may be\nlarger than 32-bit integers. Add manual range checks.\n\nSigned-off-by: Laurent Pinchart \n---\n src/libcamera/yaml_parser.cpp | 13 +++++++++----\n 1 file changed, 9 insertions(+), 4 deletions(-)","diff":"diff --git a/src/libcamera/yaml_parser.cpp b/src/libcamera/yaml_parser.cpp\nindex 65b9a9097375..f0b5eb96449b 100644\n--- a/src/libcamera/yaml_parser.cpp\n+++ b/src/libcamera/yaml_parser.cpp\n@@ -10,6 +10,7 @@\n #include \n #include \n #include \n+#include \n \n #include \n #include \n@@ -151,9 +152,11 @@ int32_t YamlObject::get(const int32_t &defaultValue, bool *ok) const\n \tchar *end;\n \n \terrno = 0;\n-\tint32_t value = std::strtol(value_.c_str(), &end, 10);\n+\tlong value = std::strtol(value_.c_str(), &end, 10);\n \n-\tif ('\\0' != *end || errno == ERANGE)\n+\tif ('\\0' != *end || errno == ERANGE ||\n+\t value < std::numeric_limits::min() ||\n+\t value > std::numeric_limits::max())\n \t\treturn defaultValue;\n \n \tsetOk(ok, true);\n@@ -185,9 +188,11 @@ uint32_t YamlObject::get(const uint32_t &defaultValue, bool *ok) const\n \tchar *end;\n \n \terrno = 0;\n-\tuint32_t value = std::strtoul(value_.c_str(), &end, 10);\n+\tunsigned long value = std::strtoul(value_.c_str(), &end, 10);\n \n-\tif ('\\0' != *end || errno == ERANGE)\n+\tif ('\\0' != *end || errno == ERANGE ||\n+\t value < std::numeric_limits::min() ||\n+\t value > std::numeric_limits::max())\n \t\treturn defaultValue;\n \n \tsetOk(ok, true);\n","prefixes":["libcamera-devel","RFC","09/12"]}