On 2022-07-07 3:51 PM, Péter Ujfalusi wrote:
On 07/07/2022 12:13, Cezary Rojewski wrote:
...
+int strsplit_u32(const char *str, const char *delim, u32 **tkns, size_t *num_tkns)
+{
+ size_t max_count = 32;
+ size_t count = 0;
+ char *s, **p;
+ u32 *buf, *tmp;
+ int ret = 0;
+
+ p = (char **)&str;
+ *tkns = NULL;
+ *num_tkns = 0;
+
+ buf = kcalloc(max_count, sizeof(*buf), GFP_KERNEL);
+ if (!buf)
+ return -ENOMEM;
+
+ while ((s = strsep(p, delim)) != NULL) {
+ ret = kstrtouint(s, 0, buf + count);
+ if (ret)
+ goto free_buf;
+
+ if (++count > max_count) {
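
Review bot: `p = (char **)&str;` casts away the `const` on `str`, and `strsep(p, delim)` then overwrites each delimiter in the caller's buffer with a NUL byte, so the function modifies a string that its prototype declares read-only. Either change the parameter to `char *str` so callers know the input is consumed, or parse a private copy (for example one made with `kstrdup()`) and free it on every exit path. Separately, the capacity check sits after `kstrtouint(s, 0, buf + count)` has already stored the value, so the comparison has to trigger the reallocation before `count` reaches `max_count`, otherwise the next store lands past the end of `buf`.
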
I think this should be as it was originally:
if (++count >= max_count) {
Otherwise when we reach the max_count we would not realloc to get more
space and the data + max_count is pointing outside of the allocated area.

I believe you're right. Will change in v2.

Regards,
Czarek