From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Joe Perches <joe@perches.com>
Cc: Jacob Pan <jacob.jun.pan@linux.intel.com>,
LKML <linux-kernel@vger.kernel.org>,
Platform Driver <platform-driver-x86@vger.kernel.org>,
Matthew Garrett <matthew.garrett@nebula.com>,
Zhang Rui <rui.zhang@intel.com>,
Rafael Wysocki <rafael.j.wysocki@intel.com>,
Len Brown <len.brown@intel.com>,
Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>,
Arjan van de Ven <arjan@linux.intel.com>,
Randy Dunlap <rdunlap@infradead.org>,
Paul Bolle <pebolle@tiscali.nl>
Subject: Re: [PATCH v2] Introduce Intel RAPL cooling device driver
Date: Fri, 5 Apr 2013 14:35:18 -0700 [thread overview]
Message-ID: <20130405213518.GA5615@kroah.com> (raw)
In-Reply-To: <1365197195.2075.23.camel@joe-AO722>
On Fri, Apr 05, 2013 at 02:26:35PM -0700, Joe Perches wrote:
> On Fri, 2013-04-05 at 14:02 -0700, Jacob Pan wrote:
> > +static ssize_t store_event_control(struct device *dev,
> > + struct device_attribute *attr,
> > + const char *buf,
> > + size_t size)
> > +{
> > + struct rapl_domain *rd = dev_get_drvdata(dev);
> > + unsigned int efd, new_threshold;
> > + struct file *efile = NULL;
> > + int ret = 0;
> > + int prim;
> > + struct rapl_event *ep;
> > + u64 val;
> > + char cmd[MAX_PRIM_NAME];
> > +
> > + if (sscanf(buf, "%u %s %u", &efd, cmd, &new_threshold) != 3)
> > + return -EINVAL;
>
> This sscanf looks fragile.
>
> buf = "1 some_really_long_name_longer_than_MAX_PRIM_NAME 2"
>
> stack overrun.
>
> Where does buf come from?
It comes from the sysfs core, which limits it to a PAGE_SIZE. But yes,
it does look fragile, and flat out wrong, but I'm not going into that
just yet, as that whole api should just be deleted for now.
greg k-h
next prev parent reply other threads:[~2013-04-05 21:35 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-05 21:02 [PATCH v2] RAPL (Running Average Power Limit) driver Jacob Pan
2013-04-05 21:02 ` [PATCH v2] Introduce Intel RAPL cooling device driver Jacob Pan
2013-04-05 21:06 ` Greg Kroah-Hartman
2013-04-05 21:26 ` Joe Perches
2013-04-05 21:35 ` Greg Kroah-Hartman [this message]
2013-04-12 15:32 ` Jacob Pan
2013-04-12 15:39 ` Greg Kroah-Hartman
2013-04-05 21:57 ` Jacob Pan
2013-04-05 21:06 ` [PATCH v2] RAPL (Running Average Power Limit) driver Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130405213518.GA5615@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=arjan@linux.intel.com \
--cc=jacob.jun.pan@linux.intel.com \
--cc=joe@perches.com \
--cc=len.brown@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=matthew.garrett@nebula.com \
--cc=pebolle@tiscali.nl \
--cc=platform-driver-x86@vger.kernel.org \
--cc=rafael.j.wysocki@intel.com \
--cc=rdunlap@infradead.org \
--cc=rui.zhang@intel.com \
--cc=srinivas.pandruvada@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.