On Wed, 19 Sep 2018 11:39:32 +0900
Sergey Senozhatsky <sergey.senozhatsky.w...@gmail.com> wrote:
> On (09/19/18 10:27), He Zhe wrote:
> > On 2018年09月19日 09:50, Sergey Senozhatsky wrote:
> > > On (09/19/18 01:17), zhe...@windriver.com wrote:
> > >> @@ -1048,7 +1048,14 @@ static void __init log_buf_len_update(unsigned
> > >> size)
> > >> /* save requested log_buf_len since it's too early to process it */
> > >> static int __init log_buf_len_setup(char *str)
> > >> {
> > >> - unsigned size = memparse(str, &str);
> > >> + unsigned size;
> > > unsigned int size;
> >
> > This is in v1 but then Steven suggested that it should be split out
> > and only keep the pure fix part here.
>
> Ah, I see.
>
> Hmm... memparse() returns u64 value. A user *probably* can ask the kernel
> to allocate log_buf larger than 'unsigned int'.
>
> So may be I'd do two fixes here:
>
> First - switch to u64 size.
> Second - check for NULL str.
>
>
> Steven, Petr, what do you think?
>
I think I would switch it around. Check for NULL first, and then switch
to u64. It was always an int, do we need to backport converting it to
u64 to stable? The NULL check is a definite, the overflow of int
shouldn't crash anything.
-- Steve
