From: Vladimir Zapolskiy <vz@mleia.com>
To: Tejun Heo <tj@kernel.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs: sysfs: don't pass count == 0 to bin file readers
Date: Fri, 22 May 2015 02:04:31 +0300 [thread overview]
Message-ID: <555E647F.7070907@mleia.com> (raw)
In-Reply-To: <20150521221423.GK4914@htj.duckdns.org>
Hello Tejun,
On 22.05.2015 01:14, Tejun Heo wrote:
> Hello,
>
> On Fri, May 22, 2015 at 12:21:16AM +0300, Vladimir Zapolskiy wrote:
>> If count == 0 bytes are requested by a reader, sysfs_kf_bin_read()
>> deliberately returns 0 without passing a potentially harmful value to
>> some externally defined underlying battr->read() function.
>>
>> However in case of (pos == size && count) the next clause always sets
>> count to 0 and this value is handed over to battr->read().
>>
>> The change intends to make obsolete (and remove later) a redundant
>> sanity check in battr->read(), if it is present, or add more
>> protection to struct bin_attribute users, who does not care about
>> input arguments.
>>
>> Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
>> ---
>> fs/sysfs/file.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c
>> index 7c2867b..6c95628 100644
>> --- a/fs/sysfs/file.c
>> +++ b/fs/sysfs/file.c
>> @@ -90,7 +90,7 @@ static ssize_t sysfs_kf_bin_read(struct kernfs_open_file *of, char *buf,
>> return 0;
>>
>> if (size) {
>> - if (pos > size)
>> + if (pos >= size)
>> return 0;
>> if (pos + count > size)
>> count = size - pos;
>
> Hmmm... maybe just move that test upwards?
>
> if (!count || pos >= size)
> return 0;
>
> count = min(count, size - pos);
>
If the code block stays within if (size && count) { ... }, then !count
check is redundant (you may notice that !count check is already present
above but not shown in diff's 3 lines context), and I agree that
if (pos >= size)
return 0;
if (pos + count > size)
count = size - pos;
and
if (pos >= size)
return 0;
count = min(count, size - pos);
are equal.
But "!size" is a special case,
if (!count || pos >= size)
return 0;
seems to be incorrect in case of !size ===> (pos >= size) == true.
To the sent change I may add a replacement of "if (pos + count > size)
..." with min_t (ssize_t, count, size - pos), if you wish.
--
With best wishes,
Vladimir
next prev parent reply other threads:[~2015-05-21 23:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-21 21:21 [PATCH] fs: sysfs: don't pass count == 0 to bin file readers Vladimir Zapolskiy
2015-05-21 22:14 ` Tejun Heo
2015-05-21 23:04 ` Vladimir Zapolskiy [this message]
2015-05-21 23:26 ` Tejun Heo
2015-05-22 0:46 ` Vladimir Zapolskiy
2015-05-25 0:07 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=555E647F.7070907@mleia.com \
--to=vz@mleia.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.