Extract numeric string arguments with the correct signedness

There are lots of places where a numeric argument of an argument string
gets extraced as signed long value and then assigned to an unsigned long
variable. If the value in the string was negative, it would not be
detected as invalid (and replaced by the default value), but become a
positive bogus value.

With this patch, numeric values which are supposed to be unsigned get
extracted with the 'ulong_value()' function, which returns the default
value for negative numbers.

Fixes #1472

repos/base-hw/src/core/include/signal_root.h

@@ -77,7 +77,7 @@ namespace Genode
 			Signal_session_component * _create_session(const char * args)
 			{
 				size_t ram_quota =
-					Arg_string::find_arg(args, "ram_quota").long_value(0);
+					Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				return new (md_alloc())
 					Signal_session_component(md_alloc(), ram_quota);
 			}
@@ -86,7 +86,7 @@ namespace Genode
 			                      const char * args)
 			{
 				size_t ram_quota =
-					Arg_string::find_arg(args, "ram_quota").long_value(0);
+					Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				s->upgrade_ram_quota(ram_quota);
 			}
 	};

repos/base-hw/src/core/include/vm_root.h

@@ -28,7 +28,7 @@ namespace Genode {
 
 			Vm_session_component *_create_session(const char *args)
 			{
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				return new (md_alloc()) Vm_session_component(ep(), ram_quota);
 			}
 

repos/base/include/root/component.h

@@ -210,7 +210,7 @@ class Genode::Root_component : public Rpc_object<Typed_root<SESSION_TYPE> >,
 			 * We need to decrease 'ram_quota' by
 			 * the size of the session object.
 			 */
-			size_t ram_quota = Arg_string::find_arg(args.string(), "ram_quota").long_value(0);
+			size_t ram_quota = Arg_string::find_arg(args.string(), "ram_quota").ulong_value(0);
 			size_t needed = sizeof(SESSION_TYPE) + md_alloc()->overhead(sizeof(SESSION_TYPE));
 
 			if (needed > ram_quota) {

repos/base/src/base/child/child.cc

@@ -281,7 +281,7 @@ Session_capability Child::session(Parent::Service_name const &name,
 	Affinity const filtered_affinity = _policy->filter_session_affinity(affinity);
 
 	/* transfer the quota donation from the child's account to ourself */
-	size_t ram_quota = Arg_string::find_arg(_args, "ram_quota").long_value(0);
+	size_t ram_quota = Arg_string::find_arg(_args, "ram_quota").ulong_value(0);
 
 	Transfer donation_from_child(ram_quota, _ram, env()->ram_session_cap());
 

repos/base/src/core/cpu_session_component.cc

@@ -285,7 +285,7 @@ static size_t remaining_session_ram_quota(char const *args)
 	 * We don't need to consider an underflow here because
 	 * 'Cpu_root::_create_session' already checks for the condition.
 	 */
-	return Arg_string::find_arg(args, "ram_quota").long_value(0)
+	return Arg_string::find_arg(args, "ram_quota").ulong_value(0)
 	     - Trace::Control_area::SIZE;
 }
 

repos/base/src/core/include/cpu_root.h

@@ -37,7 +37,7 @@ namespace Genode {
 			                                       Affinity const &affinity) {
 
 				size_t ram_quota =
-					Arg_string::find_arg(args, "ram_quota").long_value(0);
+					Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 
 				if (ram_quota < Trace::Control_area::SIZE)
 					throw Root::Quota_exceeded();
@@ -51,7 +51,7 @@ namespace Genode {
 
 			void _upgrade_session(Cpu_session_component *cpu, const char *args)
 			{
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				cpu->upgrade_ram_quota(ram_quota);
 			}
 

repos/base/src/core/include/ram_root.h

@@ -38,7 +38,7 @@ namespace Genode {
 
 			void _upgrade_session(Ram_session_component *ram, const char *args)
 			{
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				ram->upgrade_ram_quota(ram_quota);
 			}
 

repos/base/src/core/include/rm_root.h

@@ -44,7 +44,7 @@ namespace Genode {
 			{
 				addr_t start     = Arg_string::find_arg(args, "start").ulong_value(~0UL);
 				size_t size      = Arg_string::find_arg(args, "size").ulong_value(0);
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 
 				return new (md_alloc())
 				       Rm_session_component(_ds_ep,
@@ -78,7 +78,7 @@ namespace Genode {
 
 			void _upgrade_session(Rm_session_component *rm, const char *args)
 			{
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				rm->upgrade_ram_quota(ram_quota);
 			}
 

repos/base/src/core/include/signal_root.h

@@ -46,7 +46,7 @@ namespace Genode {
 
 			Signal_session_component *_create_session(const char *args)
 			{
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				return new (md_alloc())
 					Signal_session_component(entrypoint(), entrypoint(),
 					                         md_alloc(), ram_quota);
@@ -54,7 +54,7 @@ namespace Genode {
 
 			void _upgrade_session(Signal_session_component *s, const char *args)
 			{
-				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+				size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 				s->upgrade_ram_quota(ram_quota);
 			}
 

repos/base/src/core/include/trace/root.h

@@ -34,7 +34,7 @@ class Genode::Trace::Root : public Genode::Root_component<Session_component>
 
 		Session_component *_create_session(const char *args)
 		{
-			size_t ram_quota       = Arg_string::find_arg(args, "ram_quota").long_value(0);
+			size_t ram_quota       = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 			size_t arg_buffer_size = Arg_string::find_arg(args, "arg_buffer_size").ulong_value(0);
 			unsigned parent_levels = Arg_string::find_arg(args, "parent_levels").ulong_value(0);
 
@@ -51,7 +51,7 @@ class Genode::Trace::Root : public Genode::Root_component<Session_component>
 
 		void _upgrade_session(Session_component *s, const char *args)
 		{
-			size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+			size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 			s->upgrade_ram_quota(ram_quota);
 		}
 

repos/base/src/core/ram_session_component.cc

@@ -265,13 +265,13 @@ Ram_session_component::Ram_session_component(Rpc_entrypoint  *ds_ep,
 :
 	_ds_ep(ds_ep), _ram_session_ep(ram_session_ep), _ram_alloc(ram_alloc),
 	_quota_limit(quota_limit), _payload(0),
-	_md_alloc(md_alloc, Arg_string::find_arg(args, "ram_quota").long_value(0)),
+	_md_alloc(md_alloc, Arg_string::find_arg(args, "ram_quota").ulong_value(0)),
 	_ds_slab(&_md_alloc), _ref_account(0),
-	_phys_start(Arg_string::find_arg(args, "phys_start").long_value(0))
+	_phys_start(Arg_string::find_arg(args, "phys_start").ulong_value(0))
 {
 	Arg_string::find_arg(args, "label").string(_label, sizeof(_label), "");
 
-	size_t phys_size = Arg_string::find_arg(args, "phys_size").long_value(0);
+	size_t phys_size = Arg_string::find_arg(args, "phys_size").ulong_value(0);
 	/* sanitize overflow and interpret phys_size==0 as maximum phys address */
 	if (_phys_start + phys_size <= _phys_start)
 		_phys_end = ~0UL;

repos/libports/src/lib/qt5/qpluginwidget/qpluginwidget.cpp

@@ -111,7 +111,7 @@ void PluginStarter::_start_plugin(QString &file_name, QByteArray const &file_buf
 
 		PDBG("file_size_uncompressed = %u", file_size);
 
-		size_t ram_quota = Arg_string::find_arg(_args.constData(), "ram_quota").long_value(0) + file_size;
+		size_t ram_quota = Arg_string::find_arg(_args.constData(), "ram_quota").ulong_value(0) + file_size;
 
 		if ((long)env()->ram_session()->avail() - (long)ram_quota < QPluginWidget::RAM_QUOTA) {
 			PERR("quota exceeded");
@@ -161,7 +161,7 @@ void PluginStarter::_start_plugin(QString &file_name, QByteArray const &file_buf
 			_pc->commit_rom_module(file_name.toUtf8().constData());
 		}
 	} else {
-		size_t ram_quota = Arg_string::find_arg(_args.constData(), "ram_quota").long_value(0);
+		size_t ram_quota = Arg_string::find_arg(_args.constData(), "ram_quota").ulong_value(0);
 
 		if ((long)env()->ram_session()->avail() - (long)ram_quota < QPluginWidget::RAM_QUOTA) {
 			_plugin_loading_state = QUOTA_EXCEEDED_ERROR;

repos/os/include/init/child_policy.h

@@ -151,7 +151,7 @@ class Init::Child_policy_handle_cpu_priorities
 			if (Genode::strcmp(service, "CPU") || _prio_levels_log2 == 0)
 				return;
 
-			unsigned long priority = Arg_string::find_arg(args, "priority").long_value(0);
+			unsigned long priority = Arg_string::find_arg(args, "priority").ulong_value(0);
 
 			/* clamp priority value to valid range */
 			priority = min((unsigned)Cpu_session::PRIORITY_LIMIT - 1, priority);

repos/os/src/server/loader/main.cc

@@ -408,7 +408,7 @@ class Loader::Root : public Root_component<Session_component>
 		Session_component *_create_session(const char *args)
 		{
 			size_t quota =
-				Arg_string::find_arg(args, "ram_quota").long_value(0);
+				Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 
 			return new (md_alloc()) Session_component(quota, _ram, _cap);
 		}

repos/os/src/server/log_report/main.cc

@@ -85,7 +85,7 @@ class Report::Root : public Genode::Root_component<Session_component>
 
 			/* read report buffer size from session arguments */
 			size_t const buffer_size =
-				Arg_string::find_arg(args, "buffer_size").long_value(0);
+				Arg_string::find_arg(args, "buffer_size").ulong_value(0);
 
 			return new (md_alloc())
 				Session_component(Session_component::Label(label), buffer_size);

repos/os/src/server/nitpicker/main.cc

@@ -1045,7 +1045,7 @@ class Nitpicker::Root : public Genode::Root_component<Session_component>
 
 		void _upgrade_session(Session_component *s, const char *args)
 		{
-			size_t ram_quota = Arg_string::find_arg(args, "ram_quota").long_value(0);
+			size_t ram_quota = Arg_string::find_arg(args, "ram_quota").ulong_value(0);
 			s->upgrade_ram_quota(ram_quota);
 		}
 

repos/os/src/server/report_rom/report_service.h

@@ -92,7 +92,7 @@ struct Report::Root : Genode::Root_component<Session_component>
 
 			/* read report buffer size from session arguments */
 			size_t const buffer_size =
-				Arg_string::find_arg(args, "buffer_size").long_value(0);
+				Arg_string::find_arg(args, "buffer_size").ulong_value(0);
 
 			return new (md_alloc())
 				Session_component(Rom::Module::Name(label), buffer_size,

repos/ports/src/app/gdb_monitor/app_child.h

@@ -180,7 +180,7 @@ namespace Gdb_monitor {
 
 						Genode::size_t ram_quota =
 							Arg_string::find_arg(args.string(),
-							                     "ram_quota").long_value(0);
+							                     "ram_quota").ulong_value(0);
 
 						/* forward session quota to child */
 						env()->ram_session()->transfer_quota(_child_ram, ram_quota);
@@ -209,7 +209,7 @@ namespace Gdb_monitor {
 
 						Genode::size_t ram_quota =
 							Arg_string::find_arg(args.string(),
-							                     "ram_quota").long_value(0);
+							                     "ram_quota").ulong_value(0);
 
 						/* forward session quota to child */
 						env()->ram_session()->transfer_quota(_child_ram, ram_quota);