{"id":16242,"url":"https://patchwork.libcamera.org/api/patches/16242/?format=json","web_url":"https://patchwork.libcamera.org/patch/16242/","project":{"id":1,"url":"https://patchwork.libcamera.org/api/projects/1/?format=json","name":"libcamera","link_name":"libcamera","list_id":"libcamera_core","list_email":"libcamera-devel@lists.libcamera.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20220616142403.20723-7-laurent.pinchart@ideasonboard.com>","date":"2022-06-16T14:24:02","name":"[libcamera-devel,6/7] libcamera: yaml_parser: Fix range checks for 32-bit integers","commit_ref":null,"pull_url":null,"state":"accepted","archived":false,"hash":"5b3f51e79c7f1ebbff7c40ae7fcac489ad1b28a8","submitter":{"id":2,"url":"https://patchwork.libcamera.org/api/people/2/?format=json","name":"Laurent Pinchart","email":"laurent.pinchart@ideasonboard.com"},"delegate":null,"mbox":"https://patchwork.libcamera.org/patch/16242/mbox/","series":[{"id":3181,"url":"https://patchwork.libcamera.org/api/series/3181/?format=json","web_url":"https://patchwork.libcamera.org/project/libcamera/list/?series=3181","date":"2022-06-16T14:23:56","name":"libcamera: yaml_parser: Add iterator API","version":1,"mbox":"https://patchwork.libcamera.org/series/3181/mbox/"}],"comments":"https://patchwork.libcamera.org/api/patches/16242/comments/","check":"pending","checks":"https://patchwork.libcamera.org/api/patches/16242/checks/","tags":{},"headers":{"Return-Path":"<libcamera-devel-bounces@lists.libcamera.org>","X-Original-To":"parsemail@patchwork.libcamera.org","Delivered-To":"parsemail@patchwork.libcamera.org","Received":["from lancelot.ideasonboard.com (lancelot.ideasonboard.com\n\t[92.243.16.209])\n\tby patchwork.libcamera.org (Postfix) with ESMTPS id DAE69C3277\n\tfor <parsemail@patchwork.libcamera.org>;\n\tThu, 16 Jun 2022 14:24:28 +0000 (UTC)","from lancelot.ideasonboard.com (localhost [IPv6:::1])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTP id D05106564E;\n\tThu, 16 Jun 2022 16:24:26 +0200 (CEST)","from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 225A965646\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tThu, 16 Jun 2022 16:24:22 +0200 (CEST)","from pendragon.lan (62-78-145-57.bb.dnainternet.fi [62.78.145.57])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id 7A810898;\n\tThu, 16 Jun 2022 16:24:21 +0200 (CEST)"],"DKIM-Signature":["v=1; a=rsa-sha256; c=relaxed/simple; d=libcamera.org;\n\ts=mail; t=1655389467;\n\tbh=r9lS+1HujmZ7MfQVdOdG+DnAUFPXoJWwZN4J+mpa6RI=;\n\th=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe:\n\tList-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:\n\tFrom;\n\tb=QYYm1YIFIVI1JBUy96UebjcV5BjeKG1A7IH9SLikEMe9DfOX80robQJy/82mcPdpi\n\tFnd77PIa5p6MJdEFxiWA77KP0w+CoNCshQT7ElsHv5l155sdsb0xv8TqAQhUtfAz0W\n\tN5CtaqhOFiX1QbK9znGSWo92uqIBpu1cqH1fpp7c6TB3YzA8Q5nVJHSPMzOueDAsHt\n\tUzTO/LhuDrNhv4m5twbaszIQfafpXepxPlkdzHsMlND4gtAbTlK+ky0Y11rO8AF4an\n\tzEDOWJpCwNwm3CqFFgHa3qX5ii+oaaqieqSY+M/CrcC+avJDQWwQle+QgldExd4E6j\n\tw4CJICfxH27KQ==","v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1655389461;\n\tbh=r9lS+1HujmZ7MfQVdOdG+DnAUFPXoJWwZN4J+mpa6RI=;\n\th=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n\tb=MFfnWv8kwvMsJg2OLsCusS0b2cgaUCjOzNONzKZdU1c2DhQca7tJsRozwby2tfkrs\n\tNlBoLS6FKMQNRgEywULYZLmuyTK/LxHz43JT+aG2rAd67fkCSov8Zv209IRQYwvbsH\n\tX2XAxdFxK7+lOfgmoUVLyvIFiT7GnXzWIVo4ubu0="],"Authentication-Results":"lancelot.ideasonboard.com; dkim=pass (1024-bit key; \n\tunprotected) header.d=ideasonboard.com\n\theader.i=@ideasonboard.com\n\theader.b=\"MFfnWv8k\"; dkim-atps=neutral","To":"libcamera-devel@lists.libcamera.org","Date":"Thu, 16 Jun 2022 17:24:02 +0300","Message-Id":"<20220616142403.20723-7-laurent.pinchart@ideasonboard.com>","X-Mailer":"git-send-email 2.35.1","In-Reply-To":"<20220616142403.20723-1-laurent.pinchart@ideasonboard.com>","References":"<20220616142403.20723-1-laurent.pinchart@ideasonboard.com>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","Subject":"[libcamera-devel] [PATCH 6/7] libcamera: yaml_parser: Fix range\n\tchecks for 32-bit integers","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"<libcamera-devel.lists.libcamera.org>","List-Unsubscribe":"<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>","List-Archive":"<https://lists.libcamera.org/pipermail/libcamera-devel/>","List-Post":"<mailto:libcamera-devel@lists.libcamera.org>","List-Help":"<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>","List-Subscribe":"<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>","From":"Laurent Pinchart via libcamera-devel\n\t<libcamera-devel@lists.libcamera.org>","Reply-To":"Laurent Pinchart <laurent.pinchart@ideasonboard.com>","Errors-To":"libcamera-devel-bounces@lists.libcamera.org","Sender":"\"libcamera-devel\" <libcamera-devel-bounces@lists.libcamera.org>"},"content":"The strtol() and strtoul() functions return long integers, which may be\nlarger than 32-bit integers. Add manual range checks.\n\nSigned-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\n---\n src/libcamera/yaml_parser.cpp | 13 +++++++++----\n 1 file changed, 9 insertions(+), 4 deletions(-)","diff":"diff --git a/src/libcamera/yaml_parser.cpp b/src/libcamera/yaml_parser.cpp\nindex 9b6e70cbfcf3..bd4b501b1422 100644\n--- a/src/libcamera/yaml_parser.cpp\n+++ b/src/libcamera/yaml_parser.cpp\n@@ -10,6 +10,7 @@\n #include <cstdlib>\n #include <errno.h>\n #include <functional>\n+#include <limits>\n \n #include <libcamera/base/file.h>\n #include <libcamera/base/log.h>\n@@ -151,9 +152,11 @@ int32_t YamlObject::get(const int32_t &defaultValue, bool *ok) const\n \tchar *end;\n \n \terrno = 0;\n-\tint32_t value = std::strtol(value_.c_str(), &end, 10);\n+\tlong value = std::strtol(value_.c_str(), &end, 10);\n \n-\tif ('\\0' != *end || errno == ERANGE)\n+\tif ('\\0' != *end || errno == ERANGE ||\n+\t    value < std::numeric_limits<int32_t>::min() ||\n+\t    value > std::numeric_limits<int32_t>::max())\n \t\treturn defaultValue;\n \n \tsetOk(ok, true);\n@@ -185,9 +188,11 @@ uint32_t YamlObject::get(const uint32_t &defaultValue, bool *ok) const\n \tchar *end;\n \n \terrno = 0;\n-\tuint32_t value = std::strtoul(value_.c_str(), &end, 10);\n+\tunsigned long value = std::strtoul(value_.c_str(), &end, 10);\n \n-\tif ('\\0' != *end || errno == ERANGE)\n+\tif ('\\0' != *end || errno == ERANGE ||\n+\t    value < std::numeric_limits<uint32_t>::min() ||\n+\t    value > std::numeric_limits<uint32_t>::max())\n \t\treturn defaultValue;\n \n \tsetOk(ok, true);\n","prefixes":["libcamera-devel","6/7"]}