On Tue, Dec 15, 2020 at 06:23:18PM +0530, Siddhesh Poyarekar wrote: > +static char *copy_mount_devname(const void __user *data) > +{ > + char *p; > + long length; > + > + if (data == NULL) > + return NULL; > + > + length = strnlen_user(data, PATH_MAX); > + > + if (!length) > + return ERR_PTR(-EFAULT); > + > + if (length > PATH_MAX) > + return ERR_PTR(-EINVAL); > + > + /* Ignore blank strings */ > + if (length == 1) > + return NULL; > + > + p = memdup_user(data, length); Once more, with feeling: why bother? What's wrong with using the damn strndup_user() and then doing whatever checks you want with the data already copied, living in normal kernel memory, with all string functions applicable, etc.?
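Review bot: The strnlen_user() and memdup_user() calls in copy_mount_devname() fetch the same user buffer twice, so the bytes copied by `p = memdup_user(data, length);` need not be the bytes that were measured, and nothing in the quoted lines forces the last byte of the copy to be NUL. A caller that later treats p as a C string could read past the allocation if userspace rewrote the buffer between the two fetches. The length == 1 blank-string test has the same weakness, because it is decided on the first fetch rather than on the copied data. Consider replacing the open-coded sequence with `p = strndup_user(data, PATH_MAX);`, which makes the same zero-length (-EFAULT) and over-length (-EINVAL) checks and writes the terminating NUL itself, then doing the blank-string check on the kernel copy (test p[0], free p and return NULL when it is empty).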