On Fri, Jan 23, 2026 at 02:46:45PM +0300, Dmitry Antipov wrote:
> In '_parse_integer_limit()', replace native integer arithmetic with
> 'check_mul_overflow()' and 'check_add_overflow()' to check whether
> an intermediate result goes out of range, and denote such a case
> with ULLONG_MAX. Adjust comment to kernel-doc style as well.
Probably you also wanted to say that this is to be aligned with libc behaviour
of strto*()?
...
> /*
> + * Accumulate result if no overflow detected.
> + * Otherwise just consume valid characters.
> */
> + if (res != ULLONG_MAX) {
Here I would put another comment explaining that the order operations matters
(has a side effect), id est the result of the first one is used in the second
one.
/*
* Keep an eye on the order.
*
* @tmp is being used in the second operation,
* if the first one succeeds.
*/
> + if (check_mul_overflow(res, base, &tmp) ||
> + check_add_overflow(tmp, val, &res)) {
> + res = ULLONG_MAX;
> rv |= KSTRTOX_OVERFLOW;
> + }
> }
--
With Best Regards,
Andy Shevchenko
