On Thu, May 27, 2021 at 02:10:21PM +0000, David Laight wrote: > From: Chen Huang > > Sent: 26 May 2021 10:20 > > > > The simple_strtoull() function is deprecated in some situation, since > > it does not check for the range overflow, use kstrtoull() instead. > > > ... > > - target_bytes = simple_strtoull(buf, &endchar, 0) * 1024; > > + ret = kstrtoull(buf, 0, &target_bytes); > > + if (ret) > > + return ret; > > + target_bytes *= 1024; > > I'd have thought it was more important to check *endchar > than overflow.
That's one of the differences between simple_strtoull() and kstrtoull(). The simple_strtoull() will accept a string like "123ABC", but kstrtoull() will only accept NUL terminated numbers or a newline followed by a NUL terminator. Which is fine in this context because users will be doing "echo 1234 > /sys/foo". > If you are worried about overflow you need a range check > before the multiply. This is probably a case where if the users cause an integer overflow then they get what they deserve. regards, dan carpenter
