From: David Laight <david.laight.linux@gmail.com>
To: Thorsten Blum <thorsten.blum@linux.dev>
Cc: "Rafael J. Wysocki" <rafael@kernel.org>,
Daniel Lezcano <daniel.lezcano@linaro.org>,
Zhang Rui <rui.zhang@intel.com>,
Lukasz Luba <lukasz.luba@arm.com>,
linux-pm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] thermal: core: Use strnlen in thermal_zone_device_register_with_trips
Date: Tue, 16 Dec 2025 19:44:13 +0000 [thread overview]
Message-ID: <20251216194413.1f12a3df@pumpkin> (raw)
In-Reply-To: <20251216130943.40180-2-thorsten.blum@linux.dev>
On Tue, 16 Dec 2025 14:09:44 +0100
Thorsten Blum <thorsten.blum@linux.dev> wrote:
> Replace strlen() with the safer strnlen() and calculate the length of
> the thermal zone name 'type' only once. No functional changes.
>
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> Changes in v2:
> - Format the code differently (Rafael)
> - Link to v1: https://lore.kernel.org/lkml/20251215121633.375193-1-thorsten.blum@linux.dev/
> ---
> drivers/thermal/thermal_core.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/thermal/thermal_core.c b/drivers/thermal/thermal_core.c
> index 17ca5c082643..90e7edf16a52 100644
> --- a/drivers/thermal/thermal_core.c
> +++ b/drivers/thermal/thermal_core.c
> @@ -1505,15 +1505,19 @@ thermal_zone_device_register_with_trips(const char *type,
> const struct thermal_trip *trip = trips;
> struct thermal_zone_device *tz;
> struct thermal_trip_desc *td;
> + size_t type_len = 0;
> int id;
> int result;
>
> - if (!type || strlen(type) == 0) {
That one can just be:
if (!type || !type[0])
Although one might ask 'why bother'.
Pretty much all kernel code has to assume that the callers pass reasonably
sane data.
Sanity checks for things that are easy to get wrong are one thing,
but some of the checks in this function look pretty pointless.
> + if (type)
> + type_len = strnlen(type, THERMAL_NAME_LENGTH);
> +
> + if (type_len == 0) {
> pr_err("No thermal zone type defined\n");
> return ERR_PTR(-EINVAL);
> }
>
> - if (strlen(type) >= THERMAL_NAME_LENGTH) {
The code does want to check this - to stop the actual copy getting truncated
much later on - especially since at least on caller had to do an snprintf()
into a 'too long' buffer to stop gcc bleating.
But I'm not sure you need to worry about strlen() v strnlen().
(The kernel hardening people probably disagree...)
David
> + if (type_len == THERMAL_NAME_LENGTH) {
> pr_err("Thermal zone name (%s) too long, should be under %d chars\n",
> type, THERMAL_NAME_LENGTH);
> return ERR_PTR(-EINVAL);
prev parent reply other threads:[~2025-12-16 21:33 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-16 13:09 [PATCH v2] thermal: core: Use strnlen in thermal_zone_device_register_with_trips Thorsten Blum
2025-12-16 19:44 ` David Laight [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251216194413.1f12a3df@pumpkin \
--to=david.laight.linux@gmail.com \
--cc=daniel.lezcano@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=lukasz.luba@arm.com \
--cc=rafael@kernel.org \
--cc=rui.zhang@intel.com \
--cc=thorsten.blum@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).