Re: sg_dd bpt= count= - Douglas Gilbert

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Douglas Gilbert <dougg@torque.net>
To: Pat LaVarre <p.lavarre@ieee.org>
Cc: linux-scsi@vger.kernel.org
Subject: Re: sg_dd bpt= count=
Date: Tue, 21 Oct 2003 09:53:09 +1000	[thread overview]
Message-ID: <3F947565.1030804@torque.net> (raw)
In-Reply-To: <1066679354.2833.66.camel@patehci2>

Pat LaVarre wrote:
>>>sudo sg_dd of=/dev/sg0 if=/dev/zero bs=2k bpt= count=
>>>may reliably take down kernels.
> 
> 
> To sg3_utils sg_dd.c I first propose the following patch, to persuade
> get_num to return determinate results more often.
> 
> Specifically I propose changing:
> 
>         char c;
>         res = sscanf(buf, "%d%c", &num, &c);
>         if (0 == res) ...
>         else if (1 == res) ...
>         else {
>                 switch (c) { ...
> 
> Personally I believe that source fragment switches on uninitialised c in
> the situation `man sscanf` describes as: "RETURN VALUE ... The value EOF
> is returned if an input failure occurs before any conversion such as an
> end-of-file occurs ...".
> 
> As a test, I did separately execute get_num("").  For me once the
> uninitialised c and num were then 8 and 1108545272 (aka x42130EF8), so
> the result was -1.  I notice gcc -Wall doesn't mention this kind of
> read-before-write.
> 
> Pat LaVarre
> 
> P.S. Also I wonder if we would prefer rewriting these "return -1" as
> loud exits e.g.:
> 
> fprintf(stderr, "file %s line %d\n", __FILE__, __LINE__);
> exit(-1);
> 
> --- sg3_utils-1.05/sg_dd.c	2003-10-19 03:35:32.000000000 -0600
> +++ sg3_utils/sg_dd.c	2003-10-20 13:35:20.515143520 -0600
> @@ -475,10 +475,10 @@
>      char c;
>  
>      res = sscanf(buf, "%d%c", &num, &c);
> -    if (0 == res)
> -        return -1;
> -    else if (1 == res)
> +    if (1 == res)
>          return num;
> +    else if (2 != res)
> +        return -1;
>      else {
>          switch (c) {
>          case 'c':

Pat,
Applied to sg3_utils. Also added a check for non-positive bpt.
There is a new beta on http://www.torque.net/sg

Doug Gilbert

next prev parent reply	other threads:[~2003-10-20 23:53 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-10-14 23:40 sg_dd bpt= count= Pat LaVarre
2003-10-20 18:21 ` Pat LaVarre
2003-10-20 19:49   ` Pat LaVarre
2003-10-20 21:34     ` Pat LaVarre
2003-10-20 23:53     ` Douglas Gilbert [this message]
2003-10-21 19:44       ` Pat LaVarre

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3F947565.1030804@torque.net \
    --to=dougg@torque.net \
    --cc=linux-scsi@vger.kernel.org \
    --cc=p.lavarre@ieee.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.