On Mon, 25 Nov 2013 19:08:15 -0500 KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> wrote: > >>> It worries me that the CONFIG_NUMA=n version of mpol_to_str() doesn't > >>> stick a '\0' into *buffer. Hopefully it never gets called... > >> > >> Don't worry. It never happens. Currently, all of caller depend on CONFIG_NUMA. > >> However it would be nice if CONFIG_NUMA=n version of mpol_to_str() is > >> implemented > >> more carefully. I don't know who's mistake. > > > > Put a BUG() in there? > > I think this is enough. What do you think? > > > commit 5691f7f336c511d39fc05821d204a8f7ba18c0cf > Author: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> > Date: Mon Nov 25 18:38:25 2013 -0500 > > mempolicy: implement mpol_to_str() fallback implementation when !CONFIG_NUMA > > Andrew Morton pointed out mpol_to_str() has no fallback implementation > for !CONFIG_NUMA and it could be dangerous because callers might assume > buffer is filled zero terminated string. Fortunately there is no such > caller. But it would be nice to provide default safe implementation. > > Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> > > diff --git a/include/linux/mempolicy.h b/include/linux/mempolicy.h > index 9fe426b..eee0597 100644 > --- a/include/linux/mempolicy.h > +++ b/include/linux/mempolicy.h > @@ -309,6 +309,8 @@ static inline int mpol_parse_str(char *str, struct mempolicy **mpol) > > static inline void mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol) > { > + strncpy(buffer, "default", maxlen-1); > + buffer[maxlen-1] = '\0'; > } > Well, as David said, BUILD_BUG() would be the preferred cleanup. I'll stick one in there and see what the build bot has to say? -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>