New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expunge strtoll(3) and strtol(3) #896
Draft
alejandro-colomar
wants to merge
23
commits into
shadow-maint:master
Choose a base branch
from
alejandro-colomar:strtoll
base: master
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alejandro-colomar
force-pushed
the
strtoll
branch
14 times, most recently
from
January 16, 2024 13:51
69b1fca
to
ff5452a
Compare
alejandro-colomar
force-pushed
the
strtoll
branch
4 times, most recently
from
January 21, 2024 00:40
2a6b341
to
5e9fdf4
Compare
alejandro-colomar
force-pushed
the
strtoll
branch
from
January 29, 2024 15:19
5e9fdf4
to
828ea1f
Compare
alejandro-colomar
force-pushed
the
strtoll
branch
from
February 6, 2024 01:20
828ea1f
to
c756605
Compare
alejandro-colomar
force-pushed
the
strtoll
branch
2 times, most recently
from
February 20, 2024 00:08
a73bd21
to
05152cc
Compare
alejandro-colomar
force-pushed
the
strtoll
branch
3 times, most recently
from
March 15, 2024 00:55
68ba703
to
a0b322e
Compare
v2 changes:
|
alejandro-colomar
force-pushed
the
strtoll
branch
from
March 21, 2024 14:28
a0b322e
to
97d5ce5
Compare
v2b changes:
|
v2d changes:
|
alejandro-colomar
force-pushed
the
strtoll
branch
from
April 16, 2024 01:55
ae1fd8a
to
1125c9a
Compare
v2e changes:
|
alejandro-colomar
force-pushed
the
strtoll
branch
from
April 16, 2024 13:49
1125c9a
to
17194b3
Compare
v2f changes:
|
These overloaded macros allow passing either a const or a non-const endp, and will call the appropriate function. This kind of const overloading has prior art in C23's string functions, such as memchr(3). Martin suggested using an artificial function pointer in _Generic(3); it allows switching on various types at the same time. Link: <https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3096.pdf#subsubsection.7.26.5.2> Link: <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114731> Co-developed-by: Martin Uecker <muecker@gwdg.de> Signed-off-by: Alejandro Colomar <alx@kernel.org>
It simplifies the error checking. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Now that we have const-generic macros, we can use a const pointer. Signed-off-by: Alejandro Colomar <alx@kernel.org>
isdigit(3) requires a cast if the argument is of type 'char'. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
time_t isn't necessarily unsigned (in fact, it's likely to be signed. Therefore, parse the number as the right type, via a2i(time_t, ...). Still, reject negative numbers, just to be cautious. It was done before (strtoull_noneg()), so it shouldn't be a problem. (However, strtoull_noneg() was only introduced recently, and before that we called strtoull(3), which silently accepted negative values.) Remove the limitation of ULONG_MAX, which seems arbitrary. It probably was written in times where 'time_t' had the same length of 'long', and this was thus a test that the value didn't overflow 'time_t'. Such a test is implicit in the a2i() call, so forget about it. Unify the error messages into a single one that provides all the info (except the value of 'fallback'). Link: <shadow-maint@cb610d5#r136407772> Cc: Chris Lamb <lamby@debian.org> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
…unction All call sites were replaced by a2i() recently. Signed-off-by: Alejandro Colomar <alx@kernel.org>
It is a simpler call, with more type safety. A consequence of this change is that the program now accepts numbers in bases 8 and 16. That's not a problem here, I think. Signed-off-by: Alejandro Colomar <alx@kernel.org>
…nction All call sites have been replaced by functions from "atoi/a2i.h" and "atoi/str2i.h" recently. Signed-off-by: Alejandro Colomar <alx@kernel.org>
In the case of is_unsigned() and is_signed(), the natural thing would be to compare to 0: #define is_unsigned(x) (((typeof(x)) -1) > 0) #define is_signed(x) (((typeof(x)) -1) < 0) However, that would trigger -Wtype-limits, so we compare against 1, which silences that, and does the same job. Signed-off-by: Alejandro Colomar <alx@kernel.org>
atoi(3) easily triggers Undefined Behavior. Replace it by str2[u]l(), which are safe from that, and add type safety too. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Implement it as an inline function, and add restrict and ATTR_STRING() and ATTR_ACCESS() as appropriate. Signed-off-by: Alejandro Colomar <alx@kernel.org>
These functions were open-coding get_gid(). Use the actual function. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Implement it as an inline function, and add restrict and ATTR_STRING() and ATTR_ACCESS() as appropriate. Signed-off-by: Alejandro Colomar <alx@kernel.org>
…iptor from a string Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Implement it as an inline function, and add restrict and ATTR_STRING() and ATTR_ACCESS() as appropriate. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
It seems the const-generic macros have exposed some const correctness violations. They are probably nothing to worry, but I'll fix them. Edit: Done. |
Now that we use liba2i's const-generic macros, we can (and must) use a 'const char **' endp where the input string is 'const char *'. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Remove all calls to strtoll(3) and strtol(3), and replace them by safer calls like getlong() or getnum().
Revisions
v3
v3 changes:v4
v4 changes: