[PATCH v3] parser: be more picky for integer values
Pekka Paalanen
ppaalanen at gmail.com
Mon Mar 19 04:54:36 PDT 2012
On Fri, 16 Mar 2012 15:12:14 -0300
Tiago Vignatti <tiago.vignatti at intel.com> wrote:
> It was silently accepting "-i=3", "-i=3/2", "--idle-time=*3" and similar
> unwanted type of arguments, not changing anything internally; this
> gives the wrong impression for the user. Now it explicitly warns.
>
> Signed-off-by: Tiago Vignatti <tiago.vignatti at intel.com>
> ---
> Pekka, I guess now it's alright, please take a look. If it's good to go, you
> would mind to stamp a Reviewed-By for the other patches in this series as
> well?
Looks good, the only thing I'd done differently is make the function
take a typed parameter instead of a void*.
Oh, just realised...
> Thank you.
>
> since v2:
> - adjusted to the correct limits based on stdint.h
> - instead drastically assert(0) on illegal user input, now it returns a
> warning message and continue the execution of the program.
>
> shared/option-parser.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++-
> 1 files changed, 55 insertions(+), 2 deletions(-)
>
> diff --git a/shared/option-parser.c b/shared/option-parser.c
> index 600f110..0e607d9 100644
> --- a/shared/option-parser.c
> +++ b/shared/option-parser.c
> @@ -25,18 +25,71 @@
> #include <stdio.h>
> #include <string.h>
> #include <assert.h>
> +#include <limits.h>
> +#include <errno.h>
>
> #include "config-parser.h"
>
> +static int
> +get_int(void *ret, const char *value)
> +{
> + char *end;
> + long int v;
> +
> + errno = 0;
> + v = strtol(value, &end, 0);
> + if ((errno == ERANGE && (v == LONG_MAX || v == LONG_MIN)) ||
> + (errno != 0 && v == 0) ||
> + (end == value) ||
> + (*end != '\0')) {
> + fprintf(stderr, "arg %s is not a valid number\n", value);
> + return -1;
> + }
> +
> + if (v < INT32_MIN || v > INT32_MAX) {
> + fprintf(stderr, "arg %s doesn't fit into integer\n", value);
> + return -1;
> + }
> +
> + * (int32_t *) ret = v;
> + return 1;
> +}
> +
> +static int
> +get_uint(void *ret, const char *value)
> +{
> + char *end;
> + long int v;
> +
> + errno = 0;
> + v = strtol(value, &end, 0);
> + if ((errno == ERANGE && (v == ULONG_MAX)) ||
> + (errno != 0 && v == 0) ||
> + (end == value) ||
> + (*end != '\0')) {
> + fprintf(stderr, "arg %s is not a valid number\n", value);
> + return -1;
> + }
> +
> + if (v < 0 || v > UINT32_MAX) {
> + fprintf(stderr, "arg %s doesn't fit into unsigned integer\n",
> + value);
> + return -1;
> + }
> +
> + * (uint32_t *) ret = v;
> + return 1;
> +}
> +
> static void
> handle_option(const struct weston_option *option, char *value)
> {
> switch (option->type) {
> case WESTON_OPTION_INTEGER:
> - * (int32_t *) option->data = strtol(value, NULL, 0);
> + get_int(option->data, value);
> return;
> case WESTON_OPTION_UNSIGNED_INTEGER:
> - * (uint32_t *) option->data = strtoul(value, NULL, 0);
> + get_uint(option->data, value);
> return;
> case WESTON_OPTION_STRING:
> * (char **) option->data = strdup(value);
...the error is not propagated forward here. But that could be another
patch.
this patch
Reviewed-by: Pekka Paalanen <ppaalanen at gmail.com>
Thanks,
pq
More information about the wayland-devel
mailing list