lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251220111645.2246009-2-liwang@redhat.com>
Date: Sat, 20 Dec 2025 19:16:43 +0800
From: Li Wang <liwang@...hat.com>
To: linux-kselftest@...r.kernel.org,
	akpm@...ux-foundation.org,
	linux-kernel@...r.kernel.org,
	linux-mm@...ck.org
Cc: David Hildenbrand <david@...nel.org>,
	Mark Brown <broonie@...nel.org>,
	Shuah Khan <shuah@...nel.org>,
	Waiman Long <longman@...hat.com>
Subject: [PATCH 1/3] selftests/mm/write_to_hugetlbfs: parse -s with strtoull and use size_t

write_to_hugetlbfs currently parses the -s size argument with atoi()
into an int. This silently accepts malformed input, cannot report overflow,
and can truncate large sizes.

--- Error log ---
 # uname -r
 6.12.0-xxx.el10.aarch64+64k

 # ls /sys/kernel/mm/hugepages/hugepages-*
 hugepages-16777216kB/  hugepages-2048kB/  hugepages-524288kB/

 #./charge_reserved_hugetlb.sh -cgroup-v2
 # -----------------------------------------
 ...
 # nr hugepages = 10
 # writing cgroup limit: 5368709120
 # writing reseravation limit: 5368709120
 ...
 # Writing to this path: /mnt/huge/test
 # Writing this size: -1610612736        <--------

Switch size to size_t and parse -s using strtoull() with proper validation.
Also print the size using %zu.

This makes the test utility more robust and avoids undefined/incorrect
behavior with large or invalid -s values.

Signed-off-by: Li Wang <liwang@...hat.com>
Cc: David Hildenbrand <david@...nel.org>
Cc: Mark Brown <broonie@...nel.org>
Cc: Shuah Khan <shuah@...nel.org>
Cc: Waiman Long <longman@...hat.com>
---
 .../testing/selftests/mm/write_to_hugetlbfs.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/mm/write_to_hugetlbfs.c b/tools/testing/selftests/mm/write_to_hugetlbfs.c
index 34c91f7e6128..61f34b35dc27 100644
--- a/tools/testing/selftests/mm/write_to_hugetlbfs.c
+++ b/tools/testing/selftests/mm/write_to_hugetlbfs.c
@@ -68,7 +68,7 @@ int main(int argc, char **argv)
 	int key = 0;
 	int *ptr = NULL;
 	int c = 0;
-	int size = 0;
+	size_t size = 0;
 	char path[256] = "";
 	enum method method = MAX_METHOD;
 	int want_sleep = 0, private = 0;
@@ -86,7 +86,20 @@ int main(int argc, char **argv)
 	while ((c = getopt(argc, argv, "s:p:m:owlrn")) != -1) {
 		switch (c) {
 		case 's':
-			size = atoi(optarg);
+			errno = 0;
+			char *end = NULL;
+			unsigned long long tmp = strtoull(optarg, &end, 10);
+			if (errno || end == optarg || *end != '\0') {
+				errno = EINVAL;
+				perror("Invalid -s size");
+				exit_usage();
+			}
+			if (tmp == 0) {
+				errno = EINVAL;
+				perror("size not found");
+				exit_usage();
+			}
+			size = (size_t)tmp;
 			break;
 		case 'p':
 			strncpy(path, optarg, sizeof(path) - 1);
@@ -131,7 +144,7 @@ int main(int argc, char **argv)
 	}
 
 	if (size != 0) {
-		printf("Writing this size: %d\n", size);
+		printf("Writing this size: %zu\n", size);
 	} else {
 		errno = EINVAL;
 		perror("size not found");
-- 
2.49.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ