On 03.12.20 12:40, Xiaohui Zhang wrote: > From: Zhang Xiaohui <ruc_zhangxiaohui@xxxxxxx> > > The fix makes sure no zero value in the buffer, by comparing the > strlen() of the original buffer with the size variable. What problem do you want to fix here? I think, presently iblock_set_configfs_dev_params() just ignores input after a possible zero byte, which AFAICS is the usual way to handle such 'abnormal' input. Of course, strictly taken it is a bug to return 'count' without having processed count bytes. OTOH, iblock_set_configfs_dev_params also silently ignores unknown parameter strings. If you want to have strict error handling in such sys- or config-FS callbacks, you have to do a lot of work ... > > Signed-off-by: Zhang Xiaohui <ruc_zhangxiaohui@xxxxxxx> > --- > drivers/target/target_core_iblock.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/target/target_core_iblock.c b/drivers/target/target_core_iblock.c > index f2bd2e207..b23e92449 100644 > --- a/drivers/target/target_core_iblock.c > +++ b/drivers/target/target_core_iblock.c > @@ -537,6 +537,8 @@ static ssize_t iblock_set_configfs_dev_params(struct se_device *dev, > int ret = 0, token; > unsigned long tmp_readonly; > > + if (strlen(page) < count) > + return -EOVERFLOW; > opts = kstrdup(page, GFP_KERNEL); > if (!opts) > return -ENOMEM; >
