On Mon, 25 Nov 2013 19:08:15 -0500 KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> wrote:
> >>> It worries me that the CONFIG_NUMA=n version of mpol_to_str() doesn't
> >>> stick a '\0' into *buffer. Hopefully it never gets called...
> >>
> >> Don't worry. It never happens. Currently, all of caller depend on CONFIG_NUMA.
> >> However it would be nice if CONFIG_NUMA=n version of mpol_to_str() is
> >> implemented
> >> more carefully. I don't know who's mistake.
> >
> > Put a BUG() in there?
>
> I think this is enough. What do you think?
>
>
> commit 5691f7f336c511d39fc05821d204a8f7ba18c0cf
> Author: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
> Date: Mon Nov 25 18:38:25 2013 -0500
>
> mempolicy: implement mpol_to_str() fallback implementation when !CONFIG_NUMA
>
> Andrew Morton pointed out mpol_to_str() has no fallback implementation
> for !CONFIG_NUMA and it could be dangerous because callers might assume
> buffer is filled zero terminated string. Fortunately there is no such
> caller. But it would be nice to provide default safe implementation.
>
> Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
>
> diff --git a/include/linux/mempolicy.h b/include/linux/mempolicy.h
> index 9fe426b..eee0597 100644
> --- a/include/linux/mempolicy.h
> +++ b/include/linux/mempolicy.h
> @@ -309,6 +309,8 @@ static inline int mpol_parse_str(char *str, struct mempolicy **mpol)
>
> static inline void mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol)
> {
> + strncpy(buffer, "default", maxlen-1);
> + buffer[maxlen-1] = '\0';
> }
>
Well, as David said, BUILD_BUG() would be the preferred cleanup. I'll
stick one in there and see what the build bot has to say?
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>