From: "Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>
To: "Eric Bénard" <eric@eukrea.com>
Cc: barebox@lists.infradead.org
Subject: Re: [PATCH] commands/digest: add verify support
Date: Thu, 25 Sep 2014 09:15:02 +0200 [thread overview]
Message-ID: <20140925071502.GK3755@pengutronix.de> (raw)
In-Reply-To: <1411564870-6987-1-git-send-email-eric@eukrea.com>
Hello Eric,
On Wed, Sep 24, 2014 at 03:21:10PM +0200, Eric Bénard wrote:
> From: Hubert Feurstein <h.feurstein@gmail.com>
>
> Signed-off-by: Hubert Feurstein <h.feurstein@gmail.com>
> [EB]: reworked based on Sascha's comments and tested with md5sum
> Signed-off-by: Eric Bénard <eric@eukrea.com>
> ---
> commands/digest.c | 120 +++++++++++++++++++++++++++++++++++++++++++++++++-----
> 1 file changed, 110 insertions(+), 10 deletions(-)
>
> diff --git a/commands/digest.c b/commands/digest.c
> index 092fda2..2a982e5 100644
> --- a/commands/digest.c
> +++ b/commands/digest.c
> @@ -23,26 +23,99 @@
> #include <fcntl.h>
> #include <errno.h>
> #include <xfuncs.h>
> +#include <libfile.h>
> #include <malloc.h>
> #include <digest.h>
> +#include <linux/ctype.h>
> +#include <getopt.h>
> +
> +static inline unsigned char parse_hexchar(char c)
> +{
> + if (!isxdigit(c))
> + return 0;
> +
> + return isdigit(c) ? (c - '0') : ((islower(c) ? toupper(c) : c) - 'A' + 0xA);
Probably this is fine in barebox and also the check for isxdigit above
should make it save, but in general this approach might result in
surprises. In general isdigit et al are 1) locale dependant and 2) all
take an unsigned char (or EOF).
(Using Python here, but the same applies to C code obviously.)
With LC_ALL=de_DE LANG=de_DE the first fact yields:
$ python
Python 2.7.7 (default, Jun 3 2014, 16:16:56)
[GCC 4.8.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import locale
>>> locale.setlocale(locale.LC_ALL, '')
'de_DE'
>>> print 'Ä'.isupper()
True
The problem with unsigned is that
ispunct('\xfc')
might result in checking -4 which is undefined.
This obviously only applies to platforms where char is implicitly
signed (According to https://wiki.debian.org/ArchitectureSpecificsMemo
this includes x86 and mips.)
So I'd suggest to check the ASCII-values explicitly, something like:
switch (c) {
case '0'..'9':
return c - '0';
break;
case 'a'..'f':
return c - 'a' + 0xa;
break;
case 'A'..'F':
return c - 'A' + 0xa;
break;
default:
return 0;
break;
}
to be on the safe side and to also be able to use the code in userspace.
(But note this is even safe EBCDIC machines, but only because we're
using only the letters up to 'f'. 'j' - 'a' is 16 there. :-)
Best regards
Uwe, the pedantic
--
Pengutronix e.K. | Uwe Kleine-König |
Industrial Linux Solutions | http://www.pengutronix.de/ |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
next prev parent reply other threads:[~2014-09-25 7:15 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-24 13:21 Eric Bénard
2014-09-25 7:15 ` Uwe Kleine-König [this message]
-- strict thread matches above, loose matches on Subject: below --
2015-02-16 13:02 h.feurstein
2015-02-17 7:39 ` Sascha Hauer
2013-04-19 8:43 Hubert Feurstein
2013-04-21 11:22 ` Sascha Hauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140925071502.GK3755@pengutronix.de \
--to=u.kleine-koenig@pengutronix.de \
--cc=barebox@lists.infradead.org \
--cc=eric@eukrea.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox