| Message ID | 1495701227-28809-6-git-send-email-brgl@bgdev.pl |
|---|---|
| State | New |
| Headers | show |
On Thu, May 25, 2017 at 11:33 AM, Bartosz Golaszewski <brgl@bgdev.pl> wrote: > We're currently only checking the first character of the input to the > debugfs event files, so a string like '0sdfdsf' is valid and indicates > a falling edge event. > > Be more strict and only allow '0', '1', '0\n' & '1\n'. Why not to be so strict and use kstrtobool_from_user(); instead?
On Sat, May 27, 2017 at 7:45 PM, Andy Shevchenko <andy.shevchenko@gmail.com> wrote: > On Thu, May 25, 2017 at 11:33 AM, Bartosz Golaszewski <brgl@bgdev.pl> wrote: >> We're currently only checking the first character of the input to the >> debugfs event files, so a string like '0sdfdsf' is valid and indicates >> a falling edge event. >> >> Be more strict and only allow '0', '1', '0\n' & '1\n'. > > Why not to be so strict and use > > kstrtobool_from_user(); > > instead? Or if you still wish to be strict, ret = kstrtou8_from_user(); if (ret) return ret; if (val > 1) return -ERANGE; or alike.
2017-05-27 18:47 GMT+02:00 Andy Shevchenko <andy.shevchenko@gmail.com>: > On Sat, May 27, 2017 at 7:45 PM, Andy Shevchenko > <andy.shevchenko@gmail.com> wrote: >> On Thu, May 25, 2017 at 11:33 AM, Bartosz Golaszewski <brgl@bgdev.pl> wrote: >>> We're currently only checking the first character of the input to the >>> debugfs event files, so a string like '0sdfdsf' is valid and indicates >>> a falling edge event. >>> >>> Be more strict and only allow '0', '1', '0\n' & '1\n'. >> >> Why not to be so strict and use >> >> kstrtobool_from_user(); >> >> instead? > Because it doesn't really make sense here - we're indicating a RISING or FALLING edge event. This doesn't really correspond well with boolean values IMO. > Or if you still wish to be strict, > ret = kstrtou8_from_user(); > if (ret) > return ret; > > if (val > 1) > return -ERANGE; > > or alike. This one looks good, I'll include it in v2. Thanks, Bartosz -- To unsubscribe from this list: send the line "unsubscribe linux-gpio" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, May 25, 2017 at 10:33 AM, Bartosz Golaszewski <brgl@bgdev.pl> wrote: > We're currently only checking the first character of the input to the > debugfs event files, so a string like '0sdfdsf' is valid and indicates > a falling edge event. > > Be more strict and only allow '0', '1', '0\n' & '1\n'. > > Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> Since I applied patches 1-4 you only need to resend from this point when posting v2. Yours, Linus Walleij -- To unsubscribe from this list: send the line "unsubscribe linux-gpio" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/gpio/gpio-mockup.c b/drivers/gpio/gpio-mockup.c index ba8d62a..b197b93 100644 --- a/drivers/gpio/gpio-mockup.c +++ b/drivers/gpio/gpio-mockup.c @@ -208,8 +208,8 @@ static ssize_t gpio_mockup_event_write(struct file *file, struct seq_file *sfile; struct gpio_desc *desc; struct gpio_chip *gc; + char buf[2]; int val; - char buf; sfile = file->private_data; priv = sfile->private; @@ -220,12 +220,18 @@ static ssize_t gpio_mockup_event_write(struct file *file, if (!chip->lines[priv->offset].irq_enabled) return size; - if (copy_from_user(&buf, usr_buf, 1)) + if (size > 2) + return -EINVAL; + + if (copy_from_user(&buf, usr_buf, 2)) return -EFAULT; - if (buf == '0') + if (size == 2 && buf[1] != '\n') + return -EINVAL; + + if (buf[0] == '0') val = 0; - else if (buf == '1') + else if (buf[0] == '1') val = 1; else return -EINVAL;
We're currently only checking the first character of the input to the debugfs event files, so a string like '0sdfdsf' is valid and indicates a falling edge event. Be more strict and only allow '0', '1', '0\n' & '1\n'. Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> --- drivers/gpio/gpio-mockup.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-)