um: fix len of file in create_pid_file

Message ID	20200219134442.68744-1-wenyang@linux.alibaba.com
State	Accepted
Headers	show Return-Path: <linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> From: Wen Yang <wenyang@linux.alibaba.com> To: Jeff Dike <jdike@addtoit.com>, Richard Weinberger <richard@nod.at>, Anton Ivanov <anton.ivanov@cambridgegreys.com> Subject: [PATCH] um: fix len of file in create_pid_file Date: Wed, 19 Feb 2020 21:44:42 +0800 Message-Id: <20200219134442.68744-1-wenyang@linux.alibaba.com> MIME-Version: 1.0 summary: Content analysis details: (-8.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [115.124.30.56 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -7.5 USER_IN_DEF_SPF_WL From: address is in the default SPF white-list 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines -0.5 ENV_AND_HDR_SPF_MATCH Env and Hdr From used in default SPF WL Match Precedence: list Cc: Bartosz Golaszewski <bgolaszewski@baylibre.com>, linux-um@lists.infradead.org, Wen Yang <wenyang@linux.alibaba.com>, Alex Dewar <alex.dewar@gmx.co.uk> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-um" <linux-um-bounces@lists.infradead.org> Errors-To: linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	um: fix len of file in create_pid_file \| expand um: fix len of file in create_pid_file

Message ID

20200219134442.68744-1-wenyang@linux.alibaba.com

State

Accepted

Headers

From: Wen Yang <wenyang@linux.alibaba.com>
To: Jeff Dike <jdike@addtoit.com>, Richard Weinberger <richard@nod.at>,
	Anton Ivanov <anton.ivanov@cambridgegreys.com>
Subject: [PATCH] um: fix len of file in create_pid_file
Date: Wed, 19 Feb 2020 21:44:42 +0800
Message-Id: <20200219134442.68744-1-wenyang@linux.alibaba.com>
MIME-Version: 1.0
Precedence: list
Cc: Bartosz Golaszewski <bgolaszewski@baylibre.com>,
	linux-um@lists.infradead.org, Wen Yang <wenyang@linux.alibaba.com>,
	Alex Dewar <alex.dewar@gmx.co.uk>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-um" <linux-um-bounces@lists.infradead.org>
Errors-To: linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

um: fix len of file in create_pid_file | expand

Commit Message

Wen Yang Feb. 19, 2020, 1:44 p.m. UTC

sizeof gives us the size of the pointer variable, not of the
area it points to. So the number of bytes copied by umid_file_name()
is 8.
We should pass in the correct length of the file buffer.

Signed-off-by: Wen Yang <wenyang@linux.alibaba.com>
Cc: Jeff Dike <jdike@addtoit.com> (maintainer:USER-MODE LINUX (UML))
Cc: Richard Weinberger <richard@nod.at> (maintainer:USER-MODE LINUX (UML),commit_signer:2/2=100%)
Cc: Anton Ivanov <anton.ivanov@cambridgegreys.com> (maintainer:USER-MODE LINUX (UML))
Cc: Bartosz Golaszewski <bgolaszewski@baylibre.com> (commit_signer:1/2=50%,authored:1/2=50%,added_lines:27/28=96%,removed_lines:9/10=90%)
Cc: Alex Dewar <alex.dewar@gmx.co.uk> (commit_signer:1/2=50%,authored:1/2=50%,removed_lines:1/10=10%)
Cc: linux-um@lists.infradead.org (open list:USER-MODE LINUX (UML))
---
 arch/um/os-Linux/umid.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Comments

Richard Weinberger March 29, 2020, 9:36 p.m. UTC | #1

On Wed, Feb 19, 2020 at 2:45 PM Wen Yang <wenyang@linux.alibaba.com> wrote:
>
> sizeof gives us the size of the pointer variable, not of the
> area it points to. So the number of bytes copied by umid_file_name()
> is 8.
> We should pass in the correct length of the file buffer.
>
> Signed-off-by: Wen Yang <wenyang@linux.alibaba.com>
> Cc: Jeff Dike <jdike@addtoit.com> (maintainer:USER-MODE LINUX (UML))
> Cc: Richard Weinberger <richard@nod.at> (maintainer:USER-MODE LINUX (UML),commit_signer:2/2=100%)
> Cc: Anton Ivanov <anton.ivanov@cambridgegreys.com> (maintainer:USER-MODE LINUX (UML))
> Cc: Bartosz Golaszewski <bgolaszewski@baylibre.com> (commit_signer:1/2=50%,authored:1/2=50%,added_lines:27/28=96%,removed_lines:9/10=90%)
> Cc: Alex Dewar <alex.dewar@gmx.co.uk> (commit_signer:1/2=50%,authored:1/2=50%,removed_lines:1/10=10%)
> Cc: linux-um@lists.infradead.org (open list:USER-MODE LINUX (UML))
> ---
>  arch/um/os-Linux/umid.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/arch/um/os-Linux/umid.c b/arch/um/os-Linux/umid.c
> index 44def53a11cd..9e16078a4bf8 100644
> --- a/arch/um/os-Linux/umid.c
> +++ b/arch/um/os-Linux/umid.c
> @@ -220,11 +220,12 @@ static void __init create_pid_file(void)
>         char pid[sizeof("nnnnn\0")], *file;
>         int fd, n;
>
> -       file = malloc(strlen(uml_dir) + UMID_LEN + sizeof("/pid\0"));
> +       n = strlen(uml_dir) + UMID_LEN + sizeof("/pid\0");
> +       file = malloc(n);
>         if (!file)
>                 return;
>
> -       if (umid_file_name("pid", file, sizeof(file)))
> +       if (umid_file_name("pid", file, n))
>                 goto out;
>

Good catch, applied.

diff --git a/arch/um/os-Linux/umid.c b/arch/um/os-Linux/umid.c
index 44def53a11cd..9e16078a4bf8 100644
--- a/arch/um/os-Linux/umid.c
+++ b/arch/um/os-Linux/umid.c
@@ -220,11 +220,12 @@  static void __init create_pid_file(void)
 	char pid[sizeof("nnnnn\0")], *file;
 	int fd, n;
 
-	file = malloc(strlen(uml_dir) + UMID_LEN + sizeof("/pid\0"));
+	n = strlen(uml_dir) + UMID_LEN + sizeof("/pid\0");
+	file = malloc(n);
 	if (!file)
 		return;
 
-	if (umid_file_name("pid", file, sizeof(file)))
+	if (umid_file_name("pid", file, n))
 		goto out;
 
 	fd = open(file, O_RDWR | O_CREAT | O_EXCL, 0644);

um: fix len of file in create_pid_file

Commit Message

Comments

Patch