lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Wed, 24 Jan 2007 18:12:48 -0600
From:	Robert Hancock <hancockr@...w.ca>
To:	linux-kernel@...r.kernel.org
Cc:	"Jonathan M. McCune" <jonmccune@....edu>
Subject: Re: reading a binary sysfs attribute continues forever

Jonathan M. McCune wrote:
> Hello,
> 
> I have written a kernel module which introduces a new subsystem in
> sysfs, and it contains several attributes, one of which is binary.  So
> far, I've been testing it using text.  My problem is, attempting to read
> data continues forever.  For example:
> 
> # echo "test data" > /sys/mystuff/binaryattrib
> # cat /sys/mystuff/binaryattrib
> 
> test data
> test data
> test data
> test data
> test data
> test data
> test data
> test data
> test data
> test data
> test data
> test data
> .. and so on forever.
> 
> Here are the read and write functions for the binary attribute:
> 'void *input_params' is a pointer to PAGE_SIZE (4096 for me) bytes, and
> 'size_t input_params_size' contains the actual number of bytes which
> were written  to input_params by the _write function.  input_params_size
> is initialized to zero when the module is first loaded.
> 
> static ssize_t binaryattrib_read(struct kobject *kobj, char *buf, loff_t
> pos,
>                            size_t count) {
> 
>     if(input_params_size + sizeof(size_t) > count)
>         return -EINVAL;
> 
>     memcpy(buf, (void *)&input_params_size, sizeof(size_t));
>     memcpy(buf+sizeof(size_t), input_params, input_params_size);
> 
>     return input_params_size + sizeof(size_t);

I don't know sysfs functions well but this looks wrong, you're ignoring 
the pos argument completely and always returning the same data. You 
should be copying the data starting at pos and returning only the number 
of bytes available from that point (possibly zero). Otherwise the user 
app will never get an end of file since more data is always available.

Also, you shouldn't be returning EINVAL if they try to read less than 
the size of your data as that is acceptable behavior and will work fine 
if you handle the pos argument properly.

-- 
Robert Hancock      Saskatoon, SK, Canada
To email, remove "nospam" from hancockr@...pamshaw.ca
Home Page: http://www.roberthancock.com/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ