Re: [RFC] globmatch() helper function

[George Spelvin]

Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
> ftrace has a globbing thing in there somewhere as well and that does
> indeed take user input.

Yes, but (I just looked at the code), its patterns take the form:
- Optional leading *
- Literal text
- Optional trailing *

Thus, only one case (*literal*) requires any backtracking, and it's
just strstr().

> Using recursion in kernel code is indeed not recommended, what Andi said
> we have tiny stacks.

The stack frame is tiny, and it only recurses on a *, so if the number
of *s in the pattern is bounded, the stack usage is bounded.

For the intended application (compile-time constant device blacklists),
this is not a problem at all.  Indeed, nothing but a trailing * is even
needed; I only implemented the feature to be compatible with fnmatch().
(Which is part of the reason I'm reluctant to do anything heroic to
make it work.)

The problem is, what if some future thoughtless person feeds user data
into the pattern argument?

I could just take support for non-trailing * out entirely.  That would be
a different sort of documentation burden.

Or I could just add an explicit 2-level stack. If you overflow the stack,
matching always fails.  Unfortunately, the code will be larger.

Do people think that would be, on balance, better?  It would be plenty
good enough for the blacklist application.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/