Message ID | 20201203114040.12656-1-ruc_zhangxiaohui@163.com |
---|---|
State | New |
Series | [1/1] target: Make sure no zero value in the buffer |
On 03.12.20 12:40, Xiaohui Zhang wrote: > From: Zhang Xiaohui <ruc_zhangxiaohui@163.com> > > The fix makes sure no zero value in the buffer, by comparing the > strlen() of the original buffer with the size variable. What problem do you want to fix here? I think, presently iblock_set_configfs_dev_params() just ignores input after a possible zero byte, which AFAICS is the usual way to handle such 'abnormal' input. Of course, strictly taken it is a bug to return 'count' without having processed count bytes. OTOH, iblock_set_configfs_dev_params also silently ignores unknown parameter strings. If you want to have strict error handling in such sys- or config-FS callbacks, you have to do a lot of work ... > > Signed-off-by: Zhang Xiaohui <ruc_zhangxiaohui@163.com> > --- > drivers/target/target_core_iblock.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/target/target_core_iblock.c b/drivers/target/target_core_iblock.c > index f2bd2e207..b23e92449 100644 > --- a/drivers/target/target_core_iblock.c > +++ b/drivers/target/target_core_iblock.c > @@ -537,6 +537,8 @@ static ssize_t iblock_set_configfs_dev_params(struct se_device *dev, > int ret = 0, token; > unsigned long tmp_readonly; > > + if (strlen(page) < count) > + return -EOVERFLOW; > opts = kstrdup(page, GFP_KERNEL); > if (!opts) > return -ENOMEM; >
diff --git a/drivers/target/target_core_iblock.c b/drivers/target/target_core_iblock.c index f2bd2e207..b23e92449 100644 --- a/drivers/target/target_core_iblock.c +++ b/drivers/target/target_core_iblock.c @@ -537,6 +537,8 @@ static ssize_t iblock_set_configfs_dev_params(struct se_device *dev, int ret = 0, token; unsigned long tmp_readonly; + if (strlen(page) < count) + return -EOVERFLOW; opts = kstrdup(page, GFP_KERNEL); if (!opts) return -ENOMEM;
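Review bot: the new check at the top of iblock_set_configfs_dev_params() returns -EOVERFLOW, but the condition `strlen(page) < count` describes input that contains a zero byte before `count` bytes, not an overflow, so -EINVAL would describe the rejection more accurately. The commit message should also state which problem the check solves, because the following `kstrdup(page, GFP_KERNEL)` already stops at the first zero byte, so the visible effect of the hunk is to turn input that was previously accepted in truncated form into an error. If that stricter behaviour is the intent, say so in the changelog and add a one-line comment above the check; `strnlen(page, count) < count` would express the same test while keeping the scan bounded by `count`.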