On 05.03.2019 18:57, Tejun Heo wrote:
Hello,
On Wed, Feb 27, 2019 at 11:13:21AM +0300, Konstantin Khlebnikov wrote:
Cgroup2 interface for cpu bandwidth limit has some flaws:
- on stack buffer overflow
- no checks for valid format or trailing garbage
- no checks for integer overflows
This patch fixes all these flaws.
Ditto as the blkio patch. Unless there is a correctness problem, my
preference is towards keeping the parsing functions simple and I don't
think the kernel needs to play the role of strict input verifier here
as long as the only foot getting shot is the user's own.
IMHO non-strict interface more likely hides bugs and could cause problems for future changes.
Here is only only one fatal bug - buffer overflow in sscanf because %s has no limit.
Strict validation could be done as more strict sscanf variant or some kind of extension for format string.
Thanks.
