From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/2586 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: minor issues (found by cppcheck) Date: Mon, 14 Jan 2013 16:57:00 -0500 Message-ID: <20130114215700.GR20323@brightrain.aerifal.cx> References: <20130114194147.GW4468@port70.net> <20130114210541.GQ20323@brightrain.aerifal.cx> <20130114212350.GX4468@port70.net> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1358200632 30410 80.91.229.3 (14 Jan 2013 21:57:12 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 14 Jan 2013 21:57:12 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-2587-gllmg-musl=m.gmane.org@lists.openwall.com Mon Jan 14 22:57:30 2013 Return-path: Envelope-to: gllmg-musl@plane.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1Tus25-0003Kb-Tl for gllmg-musl@plane.gmane.org; Mon, 14 Jan 2013 22:57:30 +0100 Original-Received: (qmail 10190 invoked by uid 550); 14 Jan 2013 21:57:13 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 10179 invoked from network); 14 Jan 2013 21:57:12 -0000 Content-Disposition: inline In-Reply-To: <20130114212350.GX4468@port70.net> User-Agent: Mutt/1.5.21 (2010-09-15) Xref: news.gmane.org gmane.linux.lib.musl.general:2586 Archived-At: On Mon, Jan 14, 2013 at 10:23:50PM +0100, Szabolcs Nagy wrote: > * Rich Felker [2013-01-14 16:05:41 -0500]: > > On Mon, Jan 14, 2013 at 08:41:47PM +0100, Szabolcs Nagy wrote: > > > getmntent_r has a sscanf with %d, > > > it might make sense to limit the width > > > > I think the error is irrelevant for %d unless we're talking about the > > theoretical UB for integer overflow, but that doesn't seem to be what > > this warning is about. Anyway, musl's scanf has well-defined overflow > > behavior. > > i mean if there is a very long digit sequence in the input > it may make sense to fail early, eg use %11d and with a final > %n we could check if the input is read correctly > > assuming we want to report failure on invalid input Is a line containing a number 1 represented as a billion zeros followed by a 1 "invalid input"? It's pathological, but I don't see any reason to go out of our way to treat it as invalid, especially since the files being parsed by this function are provided either by root or by the invoking user (usually by root). Rich