From: Chen Gang <gang.chen@asianux.com>
To: sparclinux@vger.kernel.org
Subject: Re: [PATCH] arch/sparc: additional len check in loop for prom_getbootargs
Date: Tue, 13 Nov 2012 03:25:37 +0000
Message-ID: <50A1BDB1.5050003@asianux.com>
In-Reply-To: <509B29F3.2040006@asianux.com>

On 2012-11-09 00:33, Sam Ravnborg wrote:
> Hi Cheng.
> On Thu, Nov 08, 2012 at 11:41:39AM +0800, Chen Gang wrote:
>>
>>   when cp >= barg_buf + BARG_LEN-2, it only breaks the internal loop (while)
>>   but the outside loop (for) still has effect, and "*cp++ = ' '" keeps repeating,
>>   so an additional check is needed for it.
>>
>>
>> Signed-off-by: Chen Gang <gang.chen@asianux.com>
> 
> I wonder how you found this bug?!?!

  I only found it through "code review".

    A) I grepped for all "strcpy" kernel-wide (about 2943 lines).

    B) I check them one by one.
         i)   when I check a strcpy, I also read all the related source code.
         ii)  my goal is finding issues.
         iii) if I think it is valuable to continue reading, I will do so.

    C) when I reached arch/sparc, I found this bug (although it is not related to strcpy).


    It seems I am just starting (I have only finished checking 10 of the 2943 strcpy lines).


> Anyway please consider this alternative fix:
> 
> diff --git a/arch/sparc/prom/bootstr_32.c b/arch/sparc/prom/bootstr_32.c
> index f5ec32e..4ce602f 100644
> --- a/arch/sparc/prom/bootstr_32.c
> +++ b/arch/sparc/prom/bootstr_32.c
> @@ -31,14 +31,10 @@ prom_getbootargs(void)
>  			arg = (*(romvec->pv_v0bootargs))->argv[iter];
>  			if (arg = NULL)
>  				break;
> -			while(*arg != 0) {
> -				/* Leave place for space and null. */
> -				if(cp >= barg_buf + BARG_LEN-2){
> -					/* We might issue a warning here. */
> -					break;
> -				}
> +			while (*arg != 0 && cp < (barg_buf + BARG_LEN - 2))
>  				*cp++ = *arg++;
> -			}
> +
> +			/* Append trailing space + null */
>  			*cp++ = ' ';
>  		}
>  		*cp = 0;
> 
> 
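Review bot: the unconditional "*cp++ = ' ';" after the rewritten while loop still runs on every pass of the enclosing loop over argv[iter], so once cp has reached barg_buf + BARG_LEN - 2 the copy stops but each remaining argument still writes a space and advances cp by one, which is the repetition the original report describes. Folding the bound into the while condition only covers the character copy; the space write needs its own check that also leaves the enclosing loop, for example "if (cp >= barg_buf + BARG_LEN - 1) break;" placed directly after "*cp++ = ' ';". The new comment says "space + null" but sits above the space write only, while the null is stored by "*cp = 0;" after the loop, so the comment should be reworded or moved.
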
> Adding the conditional inside the while loop makes
> the logic simpler. And the patch actually deletes more lines than it adds.
> And please take care to follow coding style too. In particular spaces around operators.
> 
> The old code does not follow coding style - but this is no excuse.
> 

  I agree with the contents above.



> Note - the above is not even build tested!
> 

  A) I think it would be better to test it (although it seems obvious).
  B) but sorry, I have no related environment now.
     i)   if testing is necessary;
     ii)  and if you have no environment either,
     iii) I should try. (please tell me)


> If you use the above code-snippet you can add my:
> Acked-by: Sam Ravnborg <sam@ravnborg.org>
> 

  I think it is necessary; you can do it automatically.
  If you truly need me to do it, please tell me.



-- 
Chen Gang

Asianux Corporation
