Re: [PATCH 1/4] libmultipath: get_udev_uid: make sure pp->wwid is 0-terminated

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Bart Van Assche <Bart.VanAssche@wdc.com>
To: "bmarzins@redhat.com" <bmarzins@redhat.com>,
	"tang.junhui@zte.com.cn" <tang.junhui@zte.com.cn>,
	"mwilck@suse.de" <mwilck@suse.de>, "hare@suse.de" <hare@suse.de>,
	"christophe.varoqui@opensvc.com" <christophe.varoqui@opensvc.com>,
	"guanjunxiong@huawei.com" <guanjunxiong@huawei.com>
Cc: "dm-devel@redhat.com" <dm-devel@redhat.com>,
	"xose.vazquez@gmail.com" <xose.vazquez@gmail.com>,
	"linux-nvme@lists.infradead.org" <linux-nvme@lists.infradead.org>
Subject: Re: [PATCH 1/4] libmultipath: get_udev_uid: make sure pp->wwid is 0-terminated
Date: Fri, 14 Jul 2017 20:21:44 +0000	[thread overview]
Message-ID: <1500063703.2662.9.camel@wdc.com> (raw)
In-Reply-To: <1500060099.4808.21.camel@suse.de>

On Fri, 2017-07-14 at 21:21 +0200, Martin Wilck wrote:
> On Fri, 2017-07-14 at 14:56 +0000, Bart Van Assche wrote:
> > How about using the following (untested) alternative?
> > 
> > diff --git a/libmultipath/discovery.c b/libmultipath/discovery.c
> > index eca4ce97..80d962e6 100644
> > --- a/libmultipath/discovery.c
> > +++ b/libmultipath/discovery.c
> > @@ -1607,13 +1607,8 @@ get_udev_uid(struct path * pp, char
> > *uid_attribute, struct udev_device *udev)
> >  	if (!value || strlen(value) == 0)
> >  		value = getenv(uid_attribute);
> >  	if (value && strlen(value)) {
> > -		if (strlen(value) + 1 > WWID_SIZE) {
> > +		if (strlcpy(pp->wwid, value, sizeof(pp->wwid)) >=
> > WWID_SIZE)
> >  			condlog(0, "%s: wwid overflow", pp->dev);
> > -			len = WWID_SIZE;
> > -		} else {
> > -			len = strlen(value);
> > -		}
> > -		strncpy(pp->wwid, value, len);
> >  	} else {
> >  		condlog(3, "%s: no %s attribute", pp->dev,
> >  			uid_attribute);
> 
> Let's have a strncpy vs. strlcpy discussion :D !
>
> I can do this if you insist, but I don't see a big benefit. We've
> tested with the patch I submitted.

My comments were not intended as an invitation to open a strncpy() vs. strlcpy()
discussion. What I wanted to illustrate with the above patch is that when using
strlcpy() it is not necessary to explicitly zero-terminate a string because
strlcpy() guarantees zero-termination. Compact code that is as readable as more
verbose code is always better because compact code is easier to verify.

Bart.

WARNING: multiple messages have this Message-ID (diff)

From: Bart.VanAssche@wdc.com (Bart Van Assche)
Subject: [dm-devel] [PATCH 1/4] libmultipath: get_udev_uid: make sure pp->wwid is 0-terminated
Date: Fri, 14 Jul 2017 20:21:44 +0000	[thread overview]
Message-ID: <1500063703.2662.9.camel@wdc.com> (raw)
In-Reply-To: <1500060099.4808.21.camel@suse.de>

On Fri, 2017-07-14@21:21 +0200, Martin Wilck wrote:
> On Fri, 2017-07-14@14:56 +0000, Bart Van Assche wrote:
> > How about using the following (untested) alternative?
> > 
> > diff --git a/libmultipath/discovery.c b/libmultipath/discovery.c
> > index eca4ce97..80d962e6 100644
> > --- a/libmultipath/discovery.c
> > +++ b/libmultipath/discovery.c
> > @@ -1607,13 +1607,8 @@ get_udev_uid(struct path * pp, char
> > *uid_attribute, struct udev_device *udev)
> >  	if (!value || strlen(value) == 0)
> >  		value = getenv(uid_attribute);
> >  	if (value && strlen(value)) {
> > -		if (strlen(value) + 1 > WWID_SIZE) {
> > +		if (strlcpy(pp->wwid, value, sizeof(pp->wwid)) >=
> > WWID_SIZE)
> >  			condlog(0, "%s: wwid overflow", pp->dev);
> > -			len = WWID_SIZE;
> > -		} else {
> > -			len = strlen(value);
> > -		}
> > -		strncpy(pp->wwid, value, len);
> >  	} else {
> >  		condlog(3, "%s: no %s attribute", pp->dev,
> >  			uid_attribute);
> 
> Let's have a strncpy vs. strlcpy discussion :D !
>
> I can do this if you insist, but I don't see a big benefit. We've
> tested with the patch I submitted.

My comments were not intended as an invitation to open a strncpy() vs. strlcpy()
discussion. What I wanted to illustrate with the above patch is that when using
strlcpy() it is not necessary to explicitly zero-terminate a string because
strlcpy() guarantees zero-termination. Compact code that is as readable as more
verbose code is always better because compact code is easier to verify.

Bart.

next prev parent reply	other threads:[~2017-07-14 20:21 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-07-14 11:32 [PATCH 0/4] libmultipath: Fixes for NVME / NVMEoF Martin Wilck
2017-07-14 11:32 ` Martin Wilck
2017-07-14 11:32 ` [PATCH 1/4] libmultipath: get_udev_uid: make sure pp->wwid is 0-terminated Martin Wilck
2017-07-14 11:32   ` Martin Wilck
2017-07-14 14:56   ` Bart Van Assche
2017-07-14 14:56     ` [dm-devel] " Bart Van Assche
2017-07-14 19:21     ` Martin Wilck
2017-07-14 19:21       ` [dm-devel] " Martin Wilck
2017-07-14 20:21       ` Bart Van Assche [this message]
2017-07-14 20:21         ` Bart Van Assche
2017-07-14 21:21         ` Martin Wilck
2017-07-14 21:21           ` [dm-devel] " Martin Wilck
2017-07-14 21:27           ` Bart Van Assche
2017-07-14 21:27             ` [dm-devel] " Bart Van Assche
2017-07-14 22:17   ` Benjamin Marzinski
2017-07-14 22:17     ` Benjamin Marzinski
2017-07-14 11:32 ` [PATCH 2/4] libmultipath: drop uevent_can_discard_by_devpath Martin Wilck
2017-07-14 11:32   ` Martin Wilck
2017-07-14 22:18   ` Schremmer, Steven
2017-07-14 22:18     ` [dm-devel] " Schremmer, Steven
2017-07-14 22:29   ` Benjamin Marzinski
2017-07-14 22:29     ` Benjamin Marzinski
2017-07-17  1:12   ` Guan Junxiong
2017-07-17  1:12     ` Guan Junxiong
2017-07-14 11:32 ` [PATCH 3/4] libmultipath: only listen for uevents with DEVTYPE=disk Martin Wilck
2017-07-14 11:32   ` Martin Wilck
2017-07-14 22:16   ` Schremmer, Steven
2017-07-14 22:16     ` [dm-devel] " Schremmer, Steven
2017-07-14 22:29   ` Benjamin Marzinski
2017-07-14 22:29     ` Benjamin Marzinski
2017-07-17  1:12   ` Guan Junxiong
2017-07-17  1:12     ` Guan Junxiong
2017-07-14 11:32 ` [PATCH 4/4] libmultipath: fix over-long NVME WWIDs Martin Wilck
2017-07-14 11:32   ` Martin Wilck
2017-07-14 22:38   ` Benjamin Marzinski
2017-07-14 22:38     ` Benjamin Marzinski
2017-07-17  1:13   ` Guan Junxiong
2017-07-17  1:13     ` Guan Junxiong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1500063703.2662.9.camel@wdc.com \
    --to=bart.vanassche@wdc.com \
    --cc=bmarzins@redhat.com \
    --cc=christophe.varoqui@opensvc.com \
    --cc=dm-devel@redhat.com \
    --cc=guanjunxiong@huawei.com \
    --cc=hare@suse.de \
    --cc=linux-nvme@lists.infradead.org \
    --cc=mwilck@suse.de \
    --cc=tang.junhui@zte.com.cn \
    --cc=xose.vazquez@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.