On Wed, 12 Oct 2022 12:34:45 +0000
David Laight <David.Laight@xxxxxxxxxx> wrote:

> > @@ -13,8 +15,16 @@ static nokprobe_inline int
> > kern_fetch_store_strlen_user(unsigned long addr)
> > {
> > const void __user *uaddr = (__force const void __user *)addr;
> > + int ret;
> >
> > - return strnlen_user_nofault(uaddr, MAX_STRING_SIZE);
> > + ret = strnlen_user_nofault(uaddr, MAX_STRING_SIZE);
> > + /*
> > + * strnlen_user_nofault returns zero on fault, insert the
> > + * FAULT_STRING when that occurs.
> > + */
> > + if (ret <= 0)
> > + return strlen(FAULT_STRING) + 1;
> > + return ret;
> > }
>
> Isn't that going to do the wrong thing if the user
> string is valid memory but just zero length??

I thought so at first (and was in the process of changing things because
of that) until I saw the comment above this code:

/* Return the length of string -- including null terminal byte */

And looking at the function strnlen_user_nofault():

 * Returns the size of the string INCLUDING the terminating NUL.

That is, it returns 1 on a zero-length string and 0 on fault :-p

Yes, I think we should fix that API, but that's another story.

-- Steve
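Review bot: The new comment in the kern_fetch_store_strlen_user() hunk only says "strnlen_user_nofault returns zero on fault", which invites exactly the zero-length-string question raised above; it should also state that the callee returns the length including the terminating NUL, so a valid empty string yields 1 and `if (ret <= 0)` can never mistake it for a fault. Something like "strnlen_user_nofault() returns the length including the NUL (>= 1 for any readable string) and 0 on fault" documents why `<= 0` is the right test, and spelling out that `strlen(FAULT_STRING) + 1` likewise counts the NUL keeps the replacement consistent with the "including null terminal byte" contract of this function.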
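To make the return-value convention discussed above concrete, here is a small user-space model of it. This is an added example, not the kernel's code: model_strnlen_user_nofault() and model_fetch_store_strlen_user() are hypothetical stand-ins for strnlen_user_nofault() and the patched kern_fetch_store_strlen_user(), a NULL pointer stands in for a faulting user address, the FAULT_STRING text is constructed, and the "no NUL within count" case is modelled as returning count + 1 (an assumption, chosen to mirror the documented "larger than count" result rather than any exact kernel value).

```c
/* Added example: user-space model of the "length INCLUDING the NUL,
 * 0 on fault" convention. None of this is kernel code. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_STRING_SIZE 1024
#define FAULT_STRING "(fault)"   /* constructed placeholder text */

/* Model of strnlen_user_nofault(): returns 0 when the access "faults"
 * (modelled here as a NULL pointer), otherwise the number of bytes up to
 * and including the terminating NUL, so a valid empty string gives 1.
 * If no NUL is found within count, return count + 1 (assumption). */
static long model_strnlen_user_nofault(const char *uaddr, long count)
{
	long n;

	if (uaddr == NULL)
		return 0;
	for (n = 0; n < count; n++) {
		if (uaddr[n] == '\0')
			return n + 1;
	}
	return count + 1;
}

/* Model of the patched kern_fetch_store_strlen_user(): the length
 * including the NUL, substituting FAULT_STRING's length only on a real
 * fault. Because the callee already returns 1 for an empty string,
 * the "ret <= 0" test cannot misclassify zero-length input. */
static int model_fetch_store_strlen_user(const char *uaddr)
{
	long ret = model_strnlen_user_nofault(uaddr, MAX_STRING_SIZE);

	if (ret <= 0)
		return (int)strlen(FAULT_STRING) + 1;
	return (int)ret;
}

int main(void)
{
	printf("empty string -> %d\n", model_fetch_store_strlen_user(""));
	printf("\"abc\"        -> %d\n", model_fetch_store_strlen_user("abc"));
	printf("fault (NULL) -> %d\n", model_fetch_store_strlen_user(NULL));
	return 0;
}
```

Running it shows the three cases side by side: the empty string reports 1 (its NUL), "abc" reports 4, and only the modelled fault falls through to the FAULT_STRING length.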