From: Oleg Nesterov <oleg@redhat.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Andi Kleen <andi@firstfloor.org>,
Colin Walters <walters@verbum.org>,
Denys Vlasenko <vda.linux@googlemail.com>,
Jiri Slaby <jslaby@suse.cz>,
Lennart Poettering <mzxreary@0pointer.de>,
Lucas De Marchi <lucas.de.marchi@gmail.com>,
Neil Horman <nhorman@tuxdriver.com>,
linux-kernel@vger.kernel.org
Subject: [PATCH 4/6] coredump: kill cn_escape(), introduce cn_esc_printf()
Date: Wed, 15 May 2013 22:12:29 +0200 [thread overview]
Message-ID: <20130515201229.GA14641@redhat.com> (raw)
In-Reply-To: <20130515201158.GA14606@redhat.com>
The usage of cn_escape() looks really annoying, imho this
sequence needs a wrapper. And it is buggy. If cn_printf()
does expand_corename() cn_escape() writes to the freed
memory.
Introduce cn_esc_printf() which hopefully does this all right.
It records the index before cn_vprintf(), not "char *" which
is no longer valid (in general) after krealloc().
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
fs/coredump.c | 44 +++++++++++++++++++++-----------------------
1 files changed, 21 insertions(+), 23 deletions(-)
diff --git a/fs/coredump.c b/fs/coredump.c
index 2b1d1f5..8b42688 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -99,11 +99,21 @@ static int cn_printf(struct core_name *cn, const char *fmt, ...)
return ret;
}
-static void cn_escape(char *str)
+static int cn_esc_printf(struct core_name *cn, const char *fmt, ...)
{
- for (; *str; str++)
- if (*str == '/')
- *str = '!';
+ int cur = cn->used;
+ va_list arg;
+ int ret;
+
+ va_start(arg, fmt);
+ ret = cn_vprintf(cn, fmt, arg);
+ va_end(arg);
+
+ for (; cur < cn->used; ++cur) {
+ if (cn->corename[cur] == '/')
+ cn->corename[cur] = '!';
+ }
+ return ret;
}
static int cn_print_exe_file(struct core_name *cn)
@@ -113,12 +123,8 @@ static int cn_print_exe_file(struct core_name *cn)
int ret;
exe_file = get_mm_exe_file(current->mm);
- if (!exe_file) {
- char *commstart = cn->corename + cn->used;
- ret = cn_printf(cn, "%s (path unknown)", current->comm);
- cn_escape(commstart);
- return ret;
- }
+ if (!exe_file)
+ ret = cn_esc_printf(cn, "%s (path unknown)", current->comm);
pathbuf = kmalloc(PATH_MAX, GFP_TEMPORARY);
if (!pathbuf) {
@@ -132,9 +138,7 @@ static int cn_print_exe_file(struct core_name *cn)
goto free_buf;
}
- cn_escape(path);
-
- ret = cn_printf(cn, "%s", path);
+ ret = cn_esc_printf(cn, "%s", path);
free_buf:
kfree(pathbuf);
@@ -207,22 +211,16 @@ static int format_corename(struct core_name *cn, struct coredump_params *cprm)
break;
}
/* hostname */
- case 'h': {
- char *namestart = cn->corename + cn->used;
+ case 'h':
down_read(&uts_sem);
- err = cn_printf(cn, "%s",
+ err = cn_esc_printf(cn, "%s",
utsname()->nodename);
up_read(&uts_sem);
- cn_escape(namestart);
break;
- }
/* executable */
- case 'e': {
- char *commstart = cn->corename + cn->used;
- err = cn_printf(cn, "%s", current->comm);
- cn_escape(commstart);
+ case 'e':
+ err = cn_esc_printf(cn, "%s", current->comm);
break;
- }
case 'E':
err = cn_print_exe_file(cn);
break;
--
1.5.5.1
next prev parent reply other threads:[~2013-05-15 20:16 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-15 20:11 [PATCH 0/6] coredump: format_corename() fixes/cleanups Oleg Nesterov
2013-05-15 20:12 ` [PATCH 1/6] coredump: format_corename() can leak cn->corename Oleg Nesterov
2013-05-15 20:12 ` [PATCH 2/6] coredump: introduce cn_vprintf() Oleg Nesterov
2013-05-15 20:12 ` [PATCH 3/6] coredump: cn_vprintf() has no reason to call vsnprintf() twice Oleg Nesterov
2013-05-15 20:12 ` Oleg Nesterov [this message]
2013-05-15 20:26 ` [PATCH v2 4/6] coredump: kill cn_escape(), introduce cn_esc_printf() Oleg Nesterov
2013-05-15 20:12 ` [PATCH 5/6] coredump: kill call_count, add core_name_size Oleg Nesterov
2013-05-24 19:53 ` Andrew Morton
2013-05-27 15:16 ` Oleg Nesterov
2013-05-15 20:12 ` [PATCH 6/6] coredump: '% at the end' shouldn't bypass core_uses_pid logic Oleg Nesterov
2013-05-16 13:28 ` [PATCH 0/6] coredump: format_corename() fixes/cleanups Neil Horman
[not found] ` <20130516154323.GA19060@redhat.com>
2013-05-16 15:43 ` [PATCH 1/1] usermodehelper: check subprocess_info->path != NULL Oleg Nesterov
2013-05-16 16:16 ` Lucas De Marchi
2013-05-16 17:13 ` Oleg Nesterov
[not found] ` <20130516182624.GA29455@redhat.com>
2013-05-16 18:38 ` [PATCH 7/6] coredump: avoid the uninitialized cn->corename if core_pattern is empty Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130515201229.GA14641@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=andi@firstfloor.org \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=lucas.de.marchi@gmail.com \
--cc=mzxreary@0pointer.de \
--cc=nhorman@tuxdriver.com \
--cc=vda.linux@googlemail.com \
--cc=walters@verbum.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.