Re: [PATCH] proc: fold kmalloc() + strcpy() into kmemdup()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Sep 09, 2024 at 03:13:04PM +0000, David Laight wrote:
> From: Alexey Dobriyan
> > Sent: 08 September 2024 10:28
> > 
> > strcpy() will recalculate string length second time which is
> > unnecessary in this case.
> 
> There is also definitely scope for the string being changed.
> Maybe you can prove it doesn't happen?

No, no, no. It is caller's responsibility to make sure the symlink
target stays stable for the duration of the call.

Kernel does it for strncpy_from_user() because userspace, but not here.

> Which also means the code would be better explicitly writing
> the terminating '\0' rather than relying on the one from the
> input buffer.
> 
> 	David
> 
> > 
> > Signed-off-by: Alexey Dobriyan <adobriyan@xxxxxxxxx>
> > ---
> > 
> >  fs/proc/generic.c |    4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > --- a/fs/proc/generic.c
> > +++ b/fs/proc/generic.c
> > @@ -464,9 +464,9 @@ struct proc_dir_entry *proc_symlink(const char *name,
> >  			  (S_IFLNK | S_IRUGO | S_IWUGO | S_IXUGO),1);
> > 
> >  	if (ent) {
> > -		ent->data = kmalloc((ent->size=strlen(dest))+1, GFP_KERNEL);
> > +		ent->size = strlen(dest);
> > +		ent->data = kmemdup(dest, ent->size + 1, GFP_KERNEL);
> >  		if (ent->data) {
> > -			strcpy((char*)ent->data,dest);
> >  			ent->proc_iops = &proc_link_inode_operations;
> >  			ent = proc_register(parent, ent);
> >  		} else {




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux