[PATCH] fix for buffer limit for long in sysctl.c
From: Stephane Eranian
Date: Thu Jul 15 2004 - 16:51:50 EST
Andrew,
We discovered a bug in the do_proc_doulongvec_minmax() routine.
The buffer is too short by one byte. A 64-bit number expressed
in decimal uses 20 bytes. The size of the buffer was set to 20.
The following patch relative to 2.6.7 fixes the problem. For
consistency reason, a length of 21 is used for both int and
long parsers.
change-log:
fix a bug in do_proc_doulongvec_minmax() where the
the string buffer was too short to parse a 64-bit number
expressed in decimal. That was causing problems with entries
in /proc/sys using long and allowing large number (such as -1)
signed-off-by: Stephane Eranian <eranian@xxxxxxxxxx>
===== kernel/sysctl.c 1.65 vs edited =====
--- 1.65/kernel/sysctl.c 2004-06-16 21:12:21 -07:00
+++ edited/kernel/sysctl.c 2004-07-15 14:38:34 -07:00
@@ -1442,7 +1442,7 @@
int write, void *data),
void *data)
{
-#define TMPBUFLEN 20
+#define TMPBUFLEN 21
int *i, vleft, first=1, neg, val;
unsigned long lval;
size_t left, len;
@@ -1682,7 +1682,7 @@
unsigned long convmul,
unsigned long convdiv)
{
-#define TMPBUFLEN 20
+#define TMPBUFLEN 21
unsigned long *i, *min, *max, val;
int vleft, first=1, neg;
size_t len, left;
--
-Stephane
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/