From owner-svn-src-head@freebsd.org Sun Dec 31 22:43:26 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 673A2EAB62F; Sun, 31 Dec 2017 22:43:26 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 315C767B30; Sun, 31 Dec 2017 22:43:26 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vBVMhPZX086153; Sun, 31 Dec 2017 22:43:25 GMT (envelope-from ian@FreeBSD.org) Received: (from ian@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vBVMhPtS086151; Sun, 31 Dec 2017 22:43:25 GMT (envelope-from ian@FreeBSD.org) Message-Id: <201712312243.vBVMhPtS086151@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ian set sender to ian@FreeBSD.org using -f From: Ian Lepore Date: Sun, 31 Dec 2017 22:43:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r327453 - in head: stand/libsa sys/sys X-SVN-Group: head X-SVN-Commit-Author: ian X-SVN-Commit-Paths: in head: stand/libsa sys/sys X-SVN-Commit-Revision: 327453 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Dec 2017 22:43:26 -0000 Author: ian Date: Sun Dec 31 22:43:24 2017 New Revision: 327453 URL: https://svnweb.freebsd.org/changeset/base/327453 Log: Add a validbcd() routine that uses the bcd2bin_data[] array and returns a bool indicating whether the input value represents a valid BCD byte. The existing bcd2bin() routine will KASSERT if asked to convert a bad value, but sometimes the kernel has to handle BCD data from untrusted sources, so this will provide a mechanism to validate data before attempting conversion. This would be have easier/cleaner if the bcd2bin_data[] array contained an out-of-range value (such as 0xff) in the infill locations that aren't valid, but it's a global symbol that might be referenced by out-of-tree code relying on the current scheme, so I'm leaving that alone. Modified: head/stand/libsa/stand.h head/sys/sys/libkern.h Modified: head/stand/libsa/stand.h ============================================================================== --- head/stand/libsa/stand.h Sun Dec 31 22:35:32 2017 (r327452) +++ head/stand/libsa/stand.h Sun Dec 31 22:43:24 2017 (r327453) @@ -354,6 +354,7 @@ extern char const hex2ascii_data[]; #define bcd2bin(bcd) (bcd2bin_data[bcd]) #define bin2bcd(bin) (bin2bcd_data[bin]) #define hex2ascii(hex) (hex2ascii_data[hex]) +#define validbcd(bcd) (bcd == 0 || (bcd > 0 && bcd <= 0x99 && bcd2bin_data[bcd] != 0)) /* min/max (undocumented) */ static __inline int imax(int a, int b) { return (a > b ? a : b); } Modified: head/sys/sys/libkern.h ============================================================================== --- head/sys/sys/libkern.h Sun Dec 31 22:35:32 2017 (r327452) +++ head/sys/sys/libkern.h Sun Dec 31 22:43:24 2017 (r327453) @@ -82,6 +82,13 @@ hex2ascii(int hex) return (hex2ascii_data[hex]); } +static inline bool +validbcd(int bcd) +{ + + return (bcd == 0 || (bcd > 0 && bcd <= 0x99 && bcd2bin_data[bcd] != 0)); +} + static __inline int imax(int a, int b) { return (a > b ? a : b); } static __inline int imin(int a, int b) { return (a < b ? a : b); } static __inline long lmax(long a, long b) { return (a > b ? a : b); }