Only use base 10 for numeric uids/gids

[keszybz]

No description provided.

[0x2b3bfa0]

Suggested change

	r = parse_uid("65535", &uid);
	assert_se(r == -ENXIO);
	assert_se(uid == 100);
	r = parse_uid("0x1234", &uid);
	assert_se(r == -EINVAL);
	assert_se(uid == 100);
	r = parse_uid("01234", &uid);
	assert_se(r == 0);
	assert_se(uid == 1234);
	r = parse_uid("asdsdas", &uid);
	assert_se(r == -EINVAL);
	assert_se(uid == 1234);
	r = parse_uid("65535", &uid);
	assert_se(r == -ENXIO);
	r = parse_uid("0x1234", &uid);
	assert_se(r == -EINVAL);
	r = parse_uid("01234", &uid);
	assert_se(uid == 1234);
	assert_se(r == 0);
	r = parse_uid("asdsdas", &uid);
	assert_se(r == -EINVAL);

I find rather confusing the unneeded checks to the uid value that remains from the last successful execution. Could we simply check the error if the function is expected to fail?

[keszybz]

That's on purpose. It is testing that the function does not touch the output variable on failure.

[0x2b3bfa0]

Just a last question: would assigning UINT32_MAX to uid in case of error instead of leaving it untouched make any sense? It adds complexity to the code, but effectively avoids using a initialization value like 0 in case of error validation fault.

[keszybz]

No. The convention is to not touch the output variable on error. In this case it doesn't matter much either way, but in other cases we make use of this. Having the same convention over all the code base makes the code easier to follow.

For example:

  int output = DEFAULT_VALUE;
  r = parse_something(value_from_config_file, &output);
  if (r < 0)
      log_warning("Failed to parse..., ignoring");
  ...
  r = parse_something(value_from_environment_variable, &output);
  if (r < 0)
       log_warning("Failed to parse..., ingorign"):
  ...
  use_value(output);

[0x2b3bfa0]

👌 Thank you for the clarification!

[0x2b3bfa0]

Quote from #15987 (comment) and #15987 (comment):

I created a patch before I saw your pull request, see #15991.

Oh, in particular your patch rejects 01234, but id and other tools parse that as a decimal number. I think we should do the same, it would create a pointless difference to do anything different. So I'll close this in favour of #15991, since the implementation there is a bit nicer.

Thank you! Your implementation is definitely much nicer and includes tests.

By the way: does f7091f4 belong to this pull request?

[keszybz]

By the way: does f7091f4 belong to this pull request?

I put it there on purpose... I was looking at loginctl.c first, and noticed that this modernization can be done. We attach such cleanup patches to other PRs, because it's not worth to fire up the whole CI (which takes ~4 hours to run) for a trivial patch like that.

[yuwata]

LGTM.

[poettering]

i wonder if we should refuse uids beginning with "0" too, to avoid the ambiguity with octal?

[keszybz]

I thought about that, but id and others accept them. So I think it's better to not deviate from that.

[0x2b3bfa0]

i wonder if we should refuse uids beginning with "0" too, to avoid the ambiguity with octal?

The original pull request (#15987) explicitly refused octal numbers, but as @keszybz stated, most of the existing tools ignore the leading zeros and parse any [0-9]+ string as base 10. Consistency here might be more important than strictness.

[poettering]

hmm, so "id" also accepts "+0" as alias for root, but not "-0"... which is super weird. Maybe it's not the best model to follow?

(we accept +0, too currently, and probably shouldn't, will prep patch for that)

[poettering]

and " 0" is accepted too (i.e. leading whitespace), and probably shouldn't either

[0x2b3bfa0]

Good point. 🤔 I'm starting to think that #15987 wasn't such a bad idea after all.

[keszybz]

Yeah, we should not accept "+0" or "-0" or " 0".

[poettering]

i have a patch mostly ready for ding that

[poettering]

I posted #16033 now. ptal