| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7309c580def7427769b4c133c5037209d3ecac91.camel@perches.com>
Date: Mon, 02 Nov 2020 09:01:29 -0800
From: Joe Perches <joe@...ches.com>
To: Matthew Wilcox <willy@...radead.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Hugh Dickins <hughd@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4/5] mm: shmem: Convert shmem_enabled_show to use
sysfs_emit_at
On Mon, 2020-11-02 at 14:40 +0000, Matthew Wilcox wrote:
> For someone who's used to C "strings", it's pretty common to do
> something like:
>
> buf += sprintf(buf, "foo ");
> buf += sprintf(buf, "bar ");
It's not equivalent code.
What was actually necessary was using scnprintf which tests the
number of bytes available in the buffer.
The actual equivalent code was something like:
int used = 0;
used += scnprintf(buf + used, PAGE_SIZE - used, "foo ");
used += scnprintf(buf + used, PAGE_SIZE - used, "bar ");
> sysfs_emit_at instead wants me to do:
>
> len += sprintf(buf + len, "foo ");
> len += sprintf(buf + len, "bar ");
>
> I don't see how the code I wrote defeats the check. It checks that the
> buffer never crosses a PAGE_SIZE boundary, which is equivalently safe.
And it'd be required to store the original buf value passed to be
able to return the actual number of bytes emitted when multiple
calls are used.
return sprintf(buf) - obuf;
This also does and can not verify that buf is originally page aligned.
Powered by blists - more mailing lists