lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 10 Jan 2024 17:45:15 -0500
From: Rafael Aquini <aquini@...hat.com>
To: Rasmus Villemoes <rasmus.villemoes@...vas.dk>
Cc: Audra Mitchell <audra@...hat.com>, linux-kernel@...r.kernel.org,
	tj@...nel.org, jiangshanlai@...il.com,
	hirokazu.yamauchi.hk@...achi.com, ddouwsma@...hat.com,
	loberman@...hat.com, raquini@...hat.com
Subject: Re: [PATCH v2] workqueue.c: Increase workqueue name length

On Wed, Jan 10, 2024 at 05:31:49PM -0500, Rafael Aquini wrote:
> On Wed, Jan 10, 2024 at 11:06:22PM +0100, Rasmus Villemoes wrote:
> > On 10/01/2024 22.52, Rafael Aquini wrote:
> > > On Wed, Jan 10, 2024 at 09:47:56PM +0100, Rasmus Villemoes wrote:
> > >> On 10/01/2024 21.29, Audra Mitchell wrote:
> > >>
> > >>> @@ -4663,9 +4663,10 @@ struct workqueue_struct *alloc_workqueue(const char *fmt,
> > >>>  					 unsigned int flags,
> > >>>  					 int max_active, ...)
> > >>>  {
> > >>> -	va_list args;
> > >>> +	va_list args, args_copy;
> > >>>  	struct workqueue_struct *wq;
> > >>>  	struct pool_workqueue *pwq;
> > >>> +	int len;
> > >>>  
> > >>>  	/*
> > >>>  	 * Unbound && max_active == 1 used to imply ordered, which is no longer
> > >>> @@ -4692,6 +4693,13 @@ struct workqueue_struct *alloc_workqueue(const char *fmt,
> > >>>  	}
> > >>>  
> > >>>  	va_start(args, max_active);
> > >>> +	va_copy(args_copy, args);
> > >>> +	len = vsnprintf(NULL, 0, fmt, args_copy);
> > >>> +	WARN(len > WQ_NAME_LEN,
> > >>> +		"workqueue: wq->name too long (%d). Truncated to WQ_NAME_LEN (%d)\n",
> > >>> +		len, WQ_NAME_LEN);
> > >>> +
> > >>> +	va_end(args_copy);
> > >>>  	vsnprintf(wq->name, sizeof(wq->name), fmt, args);
> > >>
> > >> Eh, why not just _not_ throw away the return value from the existing
> > >> vsnprintf() and do "len >= sizeof(wq->name)" to know if truncation
> > >> happened? There's really no need need to do vsnprintf() twice. (And yes,
> > >> you want >=, not >).
> > >>
> > > 
> > > The extra vsnprintf call is required because the return of the existing 
> > > vsnprintf() is going to be already capped by sizeof(wq->name).
> > 
> > No, it is not. vsnprintf() returns the length of the would-be-created
> > string if the buffer was big enough. That is independent of whether one
> > does a dummy NULL,0 call or just calls it with a real, but possibly too
> > small, buffer.
> > 
> > This is true for userspace (as required by posix) as well as the kernel
> > implementation of vsnprintf(). What makes you think otherwise?
> >
> 
> this snippet from PRINTF(3) man page
> 
> RETURN VALUE
>        Upon successful return, these functions return the number of characters 
>        printed (excluding the null byte used to end output to strings).
>

Perhaps the man page should be amended to indicate vsnprintf returns the
number of characters that would have been printed if the buffer size 
were unlimited.

We based the assumption of kernel's vsnprintf behavior out of the 
documented POSIX behavior as stated on the man page.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ