On 03/22/2013 12:46:24 AM, Wang Dongsheng-B40534 wrote:
> -----Original Message-----
> From: Wood Scott-B07421
> Sent: Thursday, March 21, 2013 5:49 AM
> To: Wang Dongsheng-B40534
> Cc: Wood Scott-B07421; Gala Kumar-B11780;
linuxppc-dev@lists.ozlabs.org;
> Zhao Chenhui-B35336; Li Yang-R58472
> Subject: Re: [PATCH 3/3] powerpc/fsl: add MPIC timer wakeup support
>
> On 03/19/2013 10:48:53 PM, Wang Dongsheng-B40534 wrote:
> > while (*s) {
> > if ('0' <= *s && *s <= '9')
> > val = *s - '0';
> > else if ('a' <= _tolower(*s) && _tolower(*s) <= 'f')
> > val = _tolower(*s) - 'a' + 10;
> > else
> > break; //this will break out to convert.
>
> Really? How do you know that the next byte after the buffer isn't a
> valid hex digit? How do you even know that we won't take a fault
> accessing it?
>
Under what case is unsafe, please make sense.
char buffer[1] = { '5' };
write(fd, &buffer, 1);
What comes after that '5' byte in the pointer you pass to kstrtol?
"kstrtol" is used in almost of sysfs interface, I think it should be
accepted in defaule :).
Just because a lot of other people copy blindly doesn't make it right.
Most of the examples I found use sscanf instead, though that has the
same problem.
I do see a few instances of the "strings from sysfs write are not 0
terminated!" in the comments, though (kernel/time/clocksource.c and
kernel/rtmutex-tester.c).
Also "words written to sysfs files may, or may not, be \n terminated"
in drivers/md/md.c.
-Scott
_______________________________________________
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
