Re: [PATCH] sched/core: check format and overflows in cgroup2 cpu.max

From: Konstantin Khlebnikov
Date: Tue Mar 05 2019 - 12:03:32 EST

Next message: Arnd Bergmann: "Re: [Y2038] Question regarding support of old time interfaces beyond y2038"
Previous message: Rafael J. Wysocki: "Re: [RFT][Update][PATCH 2/2] cpufreq: intel_pstate: Update max CPU frequency on global turbo changes"
In reply to: Tejun Heo: "Re: [PATCH] sched/core: check format and overflows in cgroup2 cpu.max"
Next in thread: Tejun Heo: "Re: [PATCH] sched/core: check format and overflows in cgroup2 cpu.max"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 05.03.2019 18:57, Tejun Heo wrote:

Hello,

On Wed, Feb 27, 2019 at 11:13:21AM +0300, Konstantin Khlebnikov wrote:

Cgroup2 interface for cpu bandwidth limit has some flaws:

- on stack buffer overflow
- no checks for valid format or trailing garbage
- no checks for integer overflows

This patch fixes all these flaws.

Ditto as the blkio patch. Unless there is a correctness problem, my
preference is towards keeping the parsing functions simple and I don't
think the kernel needs to play the role of strict input verifier here
as long as the only foot getting shot is the user's own.

IMHO non-strict interface more likely hides bugs and could cause problems for future changes.

Here is only only one fatal bug - buffer overflow in sscanf because %s has no limit.

Strict validation could be done as more strict sscanf variant or some kind of extension for format string.

Thanks.

Next message: Arnd Bergmann: "Re: [Y2038] Question regarding support of old time interfaces beyond y2038"
Previous message: Rafael J. Wysocki: "Re: [RFT][Update][PATCH 2/2] cpufreq: intel_pstate: Update max CPU frequency on global turbo changes"
In reply to: Tejun Heo: "Re: [PATCH] sched/core: check format and overflows in cgroup2 cpu.max"
Next in thread: Tejun Heo: "Re: [PATCH] sched/core: check format and overflows in cgroup2 cpu.max"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]