* [PATCH] debugfs: Add check for module parameter name
@ 2017-09-21 12:16 Arvind Yadav
2017-09-21 12:44 ` Al Viro
0 siblings, 1 reply; 4+ messages in thread
From: Arvind Yadav @ 2017-09-21 12:16 UTC (permalink / raw)
To: gregkh, viro; +Cc: linux-kernel
Here, start_creating() is calling by debugfs_create_dir()
and debugfs_create_automount(). driver can pass name as NULL in
debugfs_create_dir and debugfs_create_automount. So we need to
add check for 'name'.
Signed-off-by: Arvind Yadav <arvind.yadav.cs@gmail.com>
---
fs/debugfs/inode.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
index c59f015..aa5988d 100644
--- a/fs/debugfs/inode.c
+++ b/fs/debugfs/inode.c
@@ -292,6 +292,9 @@ static struct dentry *start_creating(const char *name, struct dentry *parent)
if (IS_ERR(parent))
return parent;
+ if (!name)
+ return ERR_PTR(-ENOMEM);
+
error = simple_pin_fs(&debug_fs_type, &debugfs_mount,
&debugfs_mount_count);
if (error)
--
1.9.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] debugfs: Add check for module parameter name
2017-09-21 12:16 [PATCH] debugfs: Add check for module parameter name Arvind Yadav
@ 2017-09-21 12:44 ` Al Viro
2017-09-21 16:47 ` arvind
0 siblings, 1 reply; 4+ messages in thread
From: Al Viro @ 2017-09-21 12:44 UTC (permalink / raw)
To: Arvind Yadav; +Cc: gregkh, linux-kernel
On Thu, Sep 21, 2017 at 05:46:54PM +0530, Arvind Yadav wrote:
> Here, start_creating() is calling by debugfs_create_dir()
> and debugfs_create_automount(). driver can pass name as NULL in
> debugfs_create_dir and debugfs_create_automount. So we need to
> add check for 'name'.
Huh? "Driver can pass any kind of crap pointer when calling this
function, so let's check if that crap happens to be NULL and bail
out in that particular case"? Or am I misreading that?
Do you have any in-tree examples, or is that about some out-of-tree
code that needs to be saved from itself?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] debugfs: Add check for module parameter name
2017-09-21 12:44 ` Al Viro
@ 2017-09-21 16:47 ` arvind
2017-09-21 17:09 ` Al Viro
0 siblings, 1 reply; 4+ messages in thread
From: arvind @ 2017-09-21 16:47 UTC (permalink / raw)
To: Al Viro; +Cc: gregkh, linux-kernel
Hi,
On Thursday 21 September 2017 06:14 PM, Al Viro wrote:
> On Thu, Sep 21, 2017 at 05:46:54PM +0530, Arvind Yadav wrote:
>> Here, start_creating() is calling by debugfs_create_dir()
>> and debugfs_create_automount(). driver can pass name as NULL in
>> debugfs_create_dir and debugfs_create_automount. So we need to
>> add check for 'name'.
> Huh? "Driver can pass any kind of crap pointer when calling this
> function, so let's check if that crap happens to be NULL and bail
> out in that particular case"? Or am I misreading that?
Your are correct.
>
> Do you have any in-tree examples, or is that about some out-of-tree
> code that needs to be saved from itself?
>
Please check "drivers/base/power/opp/debugfs.c"
static bool opp_debug_create_supplies(struct dev_pm_opp *opp,
struct opp_table *opp_table,
struct dentry *pdentry)
{
struct dentry *d;
int i;
char *name;
for (i = 0; i < opp_table->regulator_count; i++) {
name = kasprintf(GFP_KERNEL, "supply-%d", i);
/* Create per-opp directory */
d = debugfs_create_dir(name, pdentry);
kfree(name);
.
.
.
}
kasprintf() can fail here and It can return NULL.
In this case, We are passing NULL value to debugfs_create_dir().
I know, we will have to handle kasprintf() first instead of adding
NULL check in start_creating(). I have seen few driver where they have done
similar kind of implementation. Also I am adding check for kasprintf.
~arvind
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] debugfs: Add check for module parameter name
2017-09-21 16:47 ` arvind
@ 2017-09-21 17:09 ` Al Viro
0 siblings, 0 replies; 4+ messages in thread
From: Al Viro @ 2017-09-21 17:09 UTC (permalink / raw)
To: arvind; +Cc: gregkh, linux-kernel
On Thu, Sep 21, 2017 at 10:17:46PM +0530, arvind wrote:
> Hi,
>
> On Thursday 21 September 2017 06:14 PM, Al Viro wrote:
> > On Thu, Sep 21, 2017 at 05:46:54PM +0530, Arvind Yadav wrote:
> > > Here, start_creating() is calling by debugfs_create_dir()
> > > and debugfs_create_automount(). driver can pass name as NULL in
> > > debugfs_create_dir and debugfs_create_automount. So we need to
> > > add check for 'name'.
> > Huh? "Driver can pass any kind of crap pointer when calling this
> > function, so let's check if that crap happens to be NULL and bail
> > out in that particular case"? Or am I misreading that?
> Your are correct.
> >
> > Do you have any in-tree examples, or is that about some out-of-tree
> > code that needs to be saved from itself?
> >
> Please check "drivers/base/power/opp/debugfs.c"
>
> static bool opp_debug_create_supplies(struct dev_pm_opp *opp,
> struct opp_table *opp_table,
> struct dentry *pdentry)
> {
> struct dentry *d;
> int i;
> char *name;
>
> for (i = 0; i < opp_table->regulator_count; i++) {
> name = kasprintf(GFP_KERNEL, "supply-%d", i);
>
> /* Create per-opp directory */
> d = debugfs_create_dir(name, pdentry);
>
> kfree(name);
Umm... Looks like crap, to be honest. And not just that function -
if anything in there fails to create a file, the thing leaks all
kinds of garbage.
AFAICS, that code has never been tested (and probably not thought
through in the first place) in case of allocation failures. So
much that an oops might be a mercy - at least then somebody might
consider getting it into sane shape...
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-09-21 17:24 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-21 12:16 [PATCH] debugfs: Add check for module parameter name Arvind Yadav
2017-09-21 12:44 ` Al Viro
2017-09-21 16:47 ` arvind
2017-09-21 17:09 ` Al Viro
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).