Re: [PATCH] RDMA/ocrdma: Fix an off-by-one issue in 'ocrdma_add_stat'

From: Jason Gunthorpe
Date: Thu Apr 16 2020 - 14:48:02 EST

Next message: Bill Lawrence: "Re: I HAVE $2MILLION DONATION FOR YOU."
Previous message: Tony Lindgren: "Re: [PATCHv3] w1: omap-hdq: Simplify driver with PM runtime autosuspend"
In reply to: Dan Carpenter: "Re: [PATCH] RDMA/ocrdma: Fix an off-by-one issue in 'ocrdma_add_stat'"
Next in thread: Dan Carpenter: "Re: [PATCH] RDMA/ocrdma: Fix an off-by-one issue in 'ocrdma_add_stat'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 16, 2020 at 04:08:47PM +0300, Dan Carpenter wrote:
> On Tue, Apr 14, 2020 at 03:34:41PM -0300, Jason Gunthorpe wrote:
> > The memcpy is still kind of silly right? What about this:
> >
> > static int ocrdma_add_stat(char *start, char *pcur, char *name, u64 count)
> > {
> > size_t len = (start + OCRDMA_MAX_DBGFS_MEM) - pcur;
> > int cpy_len;
> >
> > cpy_len = snprintf(pcur, len, "%s: %llu\n", name, count);
> > if (cpy_len >= len || cpy_len < 0) {
>
> The kernel version of snprintf() doesn't and will never return
> negatives. It would cause a huge security headache if it started
> returning negatives.

Begs the question why it returns an int then :)

Thanks,
Jason

Next message: Bill Lawrence: "Re: I HAVE $2MILLION DONATION FOR YOU."
Previous message: Tony Lindgren: "Re: [PATCHv3] w1: omap-hdq: Simplify driver with PM runtime autosuspend"
In reply to: Dan Carpenter: "Re: [PATCH] RDMA/ocrdma: Fix an off-by-one issue in 'ocrdma_add_stat'"
Next in thread: Dan Carpenter: "Re: [PATCH] RDMA/ocrdma: Fix an off-by-one issue in 'ocrdma_add_stat'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]