On 03/18, Andrew Morton wrote:
>
> On Sat, 16 Mar 2013 21:23:53 +0100 Oleg Nesterov <o...@redhat.com> wrote:
>
> > +	argv_str = kstrndup(str, KMALLOC_MAX_SIZE, gfp);
>
> kstrndup() does kmalloc_track_caller(len+1, gfp) so your
> KMALLOC_MAX_SIZE is off-by-one?

Yes... 'max' is strlen(), not sizeof()...

Actually we could even use ULONG_MAX, the last zero byte in "str" should
never be overwritten. Or we could use some "reasonable" and lower limit.
But I agree, kstrndup(KMALLOC_MAX_SIZE) doesn't look good, please find
fix-2 below.

> From reading the code it is rather unobvious why things were
> implemented in this fashion. People may come along in five years and
> "clean it up". Hence we should explain, no?

Yes, thanks for this comment!

---
 lib/argv_split.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/lib/argv_split.c b/lib/argv_split.c
index cac7ec4..e927ed0 100644
--- a/lib/argv_split.c
+++ b/lib/argv_split.c
@@ -63,7 +63,7 @@ char **argv_split(gfp_t gfp, const char *str, int *argcp)
 	char **argv, **argv_ret;
 	int argc;
 
-	argv_str = kstrndup(str, KMALLOC_MAX_SIZE, gfp);
+	argv_str = kstrndup(str, KMALLOC_MAX_SIZE - 1, gfp);
 	if (!argv_str)
 		return NULL;
 
-- 
1.5.5.1
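Review bot: the hunk changes only the bound (KMALLOC_MAX_SIZE to KMALLOC_MAX_SIZE - 1) and carries no comment, even though the reply agrees with Andrew that the reason for this cap needs explaining in the code; as written the `- 1` looks like an arbitrary tweak, which is exactly what a later cleanup would be tempted to revert. Suggest a comment directly above the kstrndup() call, along the lines of `/* kstrndup() allocates len + 1 bytes, so the bound must stay below KMALLOC_MAX_SIZE */`, ideally also stating that the limit only protects the allocation size and that str is expected to be NUL-terminated long before it. The arithmetic itself is right: the length kstrndup() measures is capped at max, so len + 1 is now at most KMALLOC_MAX_SIZE.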
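The off-by-one discussed in the thread (a kstrndup()-style helper copies at most `max` characters but allocates `len + 1` bytes for the terminator, so a bound equal to the allocator's maximum can request one byte too many) modelled in userspace. This is an added example, not code from the thread or from the kernel: `MOCK_KMALLOC_MAX_SIZE`, `mock_kmalloc`, `mock_kstrndup`, `worst_case_alloc`, `dup_succeeds` and `LONG_INPUT` are constructed names, and the cap is deliberately tiny so a short test string can exceed it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the kernel's KMALLOC_MAX_SIZE, kept tiny so a
 * 32-byte test string exceeds it. */
#define MOCK_KMALLOC_MAX_SIZE 16

/* Constructed input: 32 'a' characters, longer than the cap. */
static const char LONG_INPUT[] =
    "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";

/* Model of kmalloc(): refuses any request larger than the cap. */
static void *mock_kmalloc(size_t size)
{
    if (size > MOCK_KMALLOC_MAX_SIZE)
        return NULL;
    return malloc(size);
}

/* Length of s, but never scanning past max bytes (strnlen semantics,
 * open-coded so the example needs no feature-test macros). */
static size_t bounded_len(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0')
        n++;
    return n;
}

/* Model of kstrndup(): `max` bounds the characters copied (a strlen-style
 * count), while the allocation is len + 1 (a sizeof-style count) to hold
 * the terminating NUL. That +1 is the off-by-one from the thread. */
static char *mock_kstrndup(const char *s, size_t max)
{
    size_t len = bounded_len(s, max);
    char *buf = mock_kmalloc(len + 1);
    if (!buf)
        return NULL;
    memcpy(buf, s, len);
    buf[len] = '\0';
    return buf;
}

/* Largest allocation mock_kstrndup() can issue for a given bound. */
size_t worst_case_alloc(size_t max)
{
    return max + 1;
}

/* Returns 1 if duplicating s under bound max succeeds within the cap,
 * 0 if the allocator rejected the len + 1 request. */
int dup_succeeds(const char *s, size_t max)
{
    char *d = mock_kstrndup(s, max);
    int ok = d != NULL;
    free(d);
    return ok;
}

int main(void)
{
    /* Bound == cap: worst-case request is cap + 1 and the long string fails. */
    printf("max=%d: worst case %zu bytes, long input %s\n",
           MOCK_KMALLOC_MAX_SIZE, worst_case_alloc(MOCK_KMALLOC_MAX_SIZE),
           dup_succeeds(LONG_INPUT, MOCK_KMALLOC_MAX_SIZE) ? "ok" : "rejected");
    /* Bound == cap - 1 (the fix-2 pattern): worst case is exactly the cap. */
    printf("max=%d: worst case %zu bytes, long input %s\n",
           MOCK_KMALLOC_MAX_SIZE - 1, worst_case_alloc(MOCK_KMALLOC_MAX_SIZE - 1),
           dup_succeeds(LONG_INPUT, MOCK_KMALLOC_MAX_SIZE - 1) ? "ok" : "rejected");
    return 0;
}
```

The point the model makes explicit is that the bound and the allocation are counted in different units: `max` limits characters, the allocator limits bytes including the NUL, so a bound must be one less than the allocator's maximum. Note that with the lowered bound a string longer than the cap is silently truncated rather than rejected, which is why the thread also considers a "reasonable" lower limit.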