Re: [PATCH] time: fix sysfs_show_{available,current}_clocksources() buffer overflow problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Nov 11, 2007 at 11:29:59AM +0800, Miao Xie wrote:
>on 2007-11-8 20:11 WANG Cong wrote:
>>On Thu, Nov 08, 2007 at 07:47:41PM +0800, WANG Cong wrote:
>>>Yes, snprintf is safer than sprintf. But here, the 'count' will be
>>>mis-pointed when snprintf returns no less than PAGE_SIZE (what you called
>>>overflow). So you may also need:
>>>
>>>	if (unlikely(count >= PAGE_SIZE))
>>>		count = PAGE_SIZE - 1;
>>>
>>>Just a simple guess. ;)
>>
>>Or try scnprintf. ;)
>
>We have discussed this problem. We think that it is better to return the 
>return
>value of kernel directly because this is the specification of the sysfs.
>
>  (Version:2.6.24-rc2,File:Documentation/filesystems/sysfs.txt:198-201):
>  198 - show() methods should return the number of bytes printed into the
>  199   buffer. This is the return value of snprintf().
>  200
>  201 - show() should always use snprintf().
>
>And the function which calls the show() methods uses BUG_ON() to check the
>return value. If the return value is too big,it means something wrong.
>
>If we use scnprintf, we may not know whether the resulting string is 
>truncated
>or not. Maybe A big bug is ignored.
>

Well, i know little about sysfs. So it was just a hint.

Anyway, thanks for your input!


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux