Hi Kosaki-san,
I'm sorry for my late reply.
2011/12/19 KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxx>:
> (12/18/11 6:58 AM), Ryota Ozaki wrote:
>> /sys/devices/system/node/{online,possible} involve a garbage byte
>> because print_nodes_state returns content size + 1. To fix the bug,
>> the patch changes the use of cpuset_sprintf_cpulist to follow the
>> use at other places, which is clearer and safer.
>>
>> This bug was introduced since v2.6.24.
>>
>> Signed-off-by: Ryota Ozaki<ozaki.ryota@xxxxxxxxx>
>> ---
>> drivers/base/node.c | 8 +++-----
>> 1 files changed, 3 insertions(+), 5 deletions(-)
>>
>> diff --git a/drivers/base/node.c b/drivers/base/node.c
>> index 5693ece..ef7c1f9 100644
>> --- a/drivers/base/node.c
>> +++ b/drivers/base/node.c
>> @@ -587,11 +587,9 @@ static ssize_t print_nodes_state(enum node_states state, char *buf)
>> {
>> int n;
>>
>> - n = nodelist_scnprintf(buf, PAGE_SIZE, node_states[state]);
>> - if (n> 0&& PAGE_SIZE> n + 1) {
>> - *(buf + n++) = '\n';
>> - *(buf + n++) = '\0';
>> - }
>> + n = nodelist_scnprintf(buf, PAGE_SIZE-2, node_states[state]);
>
> PAGE_SIZE-1. This seems another off by one. buf[n++] = '¥n' mean
> override old trailing '¥0' and buf[n] = '¥0' mean to append one byte.
> Then totally, we append one byte.
Thanks for pointing this out, you're right. (nodelist_)scnprintf returns
size-1 at most, thus we need to remain just one byte. I'll fix it in
the next patch.
Actually I bring the code from another and such the flaw can be found in other
functions. So I'll them as well.
ozaki-r
>
>> + buf[n++] = '\n';
>> + buf[n] = '\0';
>> return n;
>> }
>>
>
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href