From: Ryan Mallon <rmallon@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Mark Salter <msalter@redhat.com>,
Alexander Viro <viro@zeniv.linux.org.uk>,
linux-fsdevel@vger.kernel.org,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] Pass correct length to strnlen_user in fs/exec.c
Date: Fri, 09 Sep 2011 10:02:12 +1000 [thread overview]
Message-ID: <4E695784.7020303@gmail.com> (raw)
In-Reply-To: <20110908165213.6ebd844f.akpm@linux-foundation.org>
On 09/09/11 09:52, Andrew Morton wrote:
> On Thu, 08 Sep 2011 10:39:24 +1000
> Ryan Mallon <rmallon@gmail.com> wrote:
>
>> Replace valid_arg_len function in fs/exec.c with max_arg_len function
>> and pass the correct length to strnlen_user.
>>
>> --- a/fs/exec.c
>> +++ b/fs/exec.c
>> @@ -296,9 +296,9 @@ err:
>> return err;
>> }
>>
>> -static bool valid_arg_len(struct linux_binprm *bprm, long len)
>> +static long max_arg_len(struct linux_binprm *bprm)
>> {
>> - return len <= MAX_ARG_STRLEN;
>> + return MAX_ARG_STRLEN;
>> }
>>
>> #else
>> @@ -354,9 +354,9 @@ static int __bprm_mm_init(struct linux_binprm *bprm)
>> return 0;
>> }
>>
>> -static bool valid_arg_len(struct linux_binprm *bprm, long len)
>> +static long max_arg_len(struct linux_binprm *bprm)
>> {
>> - return len <= bprm->p;
>> + return bprm->p;
>> }
>>
>> #endif /* CONFIG_MMU */
>> @@ -474,18 +474,19 @@ static int copy_strings(int argc, struct user_arg_ptr argv,
>> const char __user *str;
>> int len;
>> unsigned long pos;
>> + long max_len = max_arg_len(bprm);
>>
>> ret = -EFAULT;
>> str = get_user_arg_ptr(argv, argc);
>> if (IS_ERR(str))
>> goto out;
>>
>> - len = strnlen_user(str, MAX_ARG_STRLEN);
>> - if (!len || len > MAX_ARG_STRLEN)
>> + len = strnlen_user(str, max_len);
>> + if (!len)
>> goto out;
>>
>> ret = -E2BIG;
>> - if (!valid_arg_len(bprm, len))
>> + if (len > max_len)
>> goto out;
>>
>> /* We're going to work our way backwords. */
> I'm struggling to find a reason to merge this - it churns code around
> rather pointlessly?
>
That's fine. I originally went looking after a discussion with Mark
about the weird strnlen_user semantics and this usage looked incorrect
to me because it wasn't obviously checking >= MAX_ARG_STRLEN.
The rework I think makes it a bit more clear and passes the correct max
length to strnlen_user. Its a bit odd to pass MAX_ARG_STRLEN and then
check if it is longer than bprm->len, and I guess assumes that bprm->len
is less than MAX_ARG_STRLEN.
Feel free to drop the patch if you think it is just churn.
~Ryan
next prev parent reply other threads:[~2011-09-09 0:02 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-08 0:39 [PATCH] Pass correct length to strnlen_user in fs/exec.c Ryan Mallon
2011-09-08 23:52 ` Andrew Morton
2011-09-09 0:02 ` Ryan Mallon [this message]
2011-09-16 16:36 ` halfdog
2011-09-17 0:03 ` Ryan Mallon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E695784.7020303@gmail.com \
--to=rmallon@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=msalter@redhat.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).