lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5212E948.8000401@asianux.com>
Date:	Tue, 20 Aug 2013 11:58:00 +0800
From:	Chen Gang <gang.chen@...anux.com>
To:	Mel Gorman <mgorman@...e.de>, kosaki.motohiro@...fujitsu.com,
	riel@...hat.com, hughd@...gle.com, xemul@...allels.com,
	Cyrill Gorcunov <gorcunov@...nvz.org>, rientjes@...gle.com,
	Wanpeng Li <liwanp@...ux.vnet.ibm.com>, hughd@...gle.com
CC:	Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: [PATCH 2/3] fs/proc/task_mmu.c: check the return value of mpol_to_str()

mpol_to_str() may fail, and not fill the buffer (e.g. -EINVAL), so need
check about it, or buffer may not be zero based, and next seq_printf()
will cause issue.

Also print related warning when the buffer space is not enough.


Signed-off-by: Chen Gang <gang.chen@...anux.com>
---
 fs/proc/task_mmu.c |   16 ++++++++++++++--
 1 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index a117207..1cb7445 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -1359,7 +1359,7 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid)
 	struct mm_struct *mm = vma->vm_mm;
 	struct mm_walk walk = {};
 	struct mempolicy *pol;
-	int n;
+	int n, ret;
 	char buffer[50];
 
 	if (!mm)
@@ -1376,7 +1376,19 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid)
 	walk.mm = mm;
 
 	pol = get_vma_policy(task, vma, vma->vm_start);
-	mpol_to_str(buffer, sizeof(buffer), pol);
+	ret = mpol_to_str(buffer, sizeof(buffer), pol);
+	if (ret < 0)
+		switch (ret) {
+		case -ENOSPC:
+			pr_warn("in %s: string is truncated in mpol_to_str().\n",
+				__func__);
+			break;
+		default:
+			pr_err("in %s: call mpol_to_str() fail, errcode: %d. buffer: %p, size: %zu,  pol: %p\n",
+				__func__, ret, buffer, sizeof(buffer), pol);
+			return ret;
+		}
+
 	mpol_cond_put(pol);
 
 	seq_printf(m, "%08lx %s", vma->vm_start, buffer);
-- 
1.7.7.6
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ