[patch] PM / hibernate: memory corruption in resumedelay

linux-pm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [patch]  PM / hibernate: memory corruption in resumedelay_setup()
@ 2014-05-14 12:57 Dan Carpenter
  2014-05-14 15:56 ` Pavel Machek
  0 siblings, 1 reply; 5+ messages in thread
From: Dan Carpenter @ 2014-05-14 12:57 UTC (permalink / raw)
  To: Rafael J. Wysocki, Fabian Frederick
  Cc: Len Brown, Pavel Machek, linux-pm, kernel-janitors

"resume_delay" is not an unsigned long, it's an int, so this will
corrupt memory on 64 bit systems.

Fixes: 317cf7e5e85e ('PM / hibernate: convert simple_strtoul to kstrtoul')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>

diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
index 2377ff7..3659b26 100644
--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
@@ -1115,8 +1115,9 @@ static int __init resumewait_setup(char *str)
 
 static int __init resumedelay_setup(char *str)
 {
-	int rc = kstrtoul(str, 0, (unsigned long *)&resume_delay);
+	int rc;
 
+	rc = kstrtoint(str, 0, &resume_delay);
 	if (rc)
 		return rc;
 	return 1;

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [patch]  PM / hibernate: memory corruption in resumedelay_setup()
  2014-05-14 12:57 [patch] PM / hibernate: memory corruption in resumedelay_setup() Dan Carpenter
@ 2014-05-14 15:56 ` Pavel Machek
  2014-05-14 16:08   ` [patch v2] " Dan Carpenter
  0 siblings, 1 reply; 5+ messages in thread
From: Pavel Machek @ 2014-05-14 15:56 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: Rafael J. Wysocki, Fabian Frederick, Len Brown, linux-pm,
	kernel-janitors

Hi!

> "resume_delay" is not an unsigned long, it's an int, so this will
> corrupt memory on 64 bit systems.

ssleep takes unsigned int.

Variable is int.

We parse it using kstrtoul.

So I'd suggest: switch resume_delay variable to unsigned int, and use
kstrtouint().

> Fixes: 317cf7e5e85e ('PM / hibernate: convert simple_strtoul to kstrtoul')
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> 
> diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
> index 2377ff7..3659b26 100644
> --- a/kernel/power/hibernate.c
> +++ b/kernel/power/hibernate.c
> @@ -1115,8 +1115,9 @@ static int __init resumewait_setup(char *str)
>  
>  static int __init resumedelay_setup(char *str)
>  {
> -	int rc = kstrtoul(str, 0, (unsigned long *)&resume_delay);
> +	int rc;
>  
> +	rc = kstrtoint(str, 0, &resume_delay);

...and if possible, keep it on one line.

Thanks,
								Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [patch v2]  PM / hibernate: memory corruption in resumedelay_setup()
  2014-05-14 15:56 ` Pavel Machek
@ 2014-05-14 16:08   ` Dan Carpenter
  2014-05-14 20:29     ` Pavel Machek
  0 siblings, 1 reply; 5+ messages in thread
From: Dan Carpenter @ 2014-05-14 16:08 UTC (permalink / raw)
  To: Rafael J. Wysocki
  Cc: Len Brown, Pavel Machek, Fabian Frederick, linux-pm,
	kernel-janitors

In the original code "resume_delay" is an int so on 64 bits, the call to
kstrtoul() will cause memory corruption.  We may as well fix a style
issue here as well and make "resume_delay" unsigned int, since that's
what we pass to ssleep().

Fixes: 317cf7e5e85e ('PM / hibernate: convert simple_strtoul to kstrtoul')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
v2: style differences

diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
index 2377ff7..df88d55 100644
--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
@@ -35,7 +35,7 @@
 static int nocompress;
 static int noresume;
 static int resume_wait;
-static int resume_delay;
+static unsigned int resume_delay;
 static char resume_file[256] = CONFIG_PM_STD_PARTITION;
 dev_t swsusp_resume_device;
 sector_t swsusp_resume_block;
@@ -1115,7 +1115,7 @@ static int __init resumewait_setup(char *str)
 
 static int __init resumedelay_setup(char *str)
 {
-	int rc = kstrtoul(str, 0, (unsigned long *)&resume_delay);
+	int rc = kstrtouint(str, 0, &resume_delay);
 
 	if (rc)
 		return rc;

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [patch v2]  PM / hibernate: memory corruption in resumedelay_setup()
  2014-05-14 16:08   ` [patch v2] " Dan Carpenter
@ 2014-05-14 20:29     ` Pavel Machek
  2014-05-19 23:23       ` Rafael J. Wysocki
  0 siblings, 1 reply; 5+ messages in thread
From: Pavel Machek @ 2014-05-14 20:29 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: Rafael J. Wysocki, Len Brown, Fabian Frederick, linux-pm,
	kernel-janitors

On Wed 2014-05-14 19:08:46, Dan Carpenter wrote:
> In the original code "resume_delay" is an int so on 64 bits, the call to
> kstrtoul() will cause memory corruption.  We may as well fix a style
> issue here as well and make "resume_delay" unsigned int, since that's
> what we pass to ssleep().

> Fixes: 317cf7e5e85e ('PM / hibernate: convert simple_strtoul to kstrtoul')
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>

Acked-by: Pavel Machek <pavel@ucw.cz>

And thanks :-).
								Pavel

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [patch v2]  PM / hibernate: memory corruption in resumedelay_setup()
  2014-05-14 20:29     ` Pavel Machek
@ 2014-05-19 23:23       ` Rafael J. Wysocki
  0 siblings, 0 replies; 5+ messages in thread
From: Rafael J. Wysocki @ 2014-05-19 23:23 UTC (permalink / raw)
  To: Pavel Machek
  Cc: Dan Carpenter, Len Brown, Fabian Frederick, linux-pm,
	kernel-janitors

On Wednesday, May 14, 2014 10:29:47 PM Pavel Machek wrote:
> On Wed 2014-05-14 19:08:46, Dan Carpenter wrote:
> > In the original code "resume_delay" is an int so on 64 bits, the call to
> > kstrtoul() will cause memory corruption.  We may as well fix a style
> > issue here as well and make "resume_delay" unsigned int, since that's
> > what we pass to ssleep().
> 
> > Fixes: 317cf7e5e85e ('PM / hibernate: convert simple_strtoul to kstrtoul')
> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> 
> Acked-by: Pavel Machek <pavel@ucw.cz>

Queued up for 3.16, thanks!


-- 
I speak only for myself.
Rafael J. Wysocki, Intel Open Source Technology Center.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2014-05-19 23:07 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-14 12:57 [patch] PM / hibernate: memory corruption in resumedelay_setup() Dan Carpenter
2014-05-14 15:56 ` Pavel Machek
2014-05-14 16:08   ` [patch v2] " Dan Carpenter
2014-05-14 20:29     ` Pavel Machek
2014-05-19 23:23       ` Rafael J. Wysocki

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).