Commit 830e0fc9 authored by David Rientjes's avatar David Rientjes Committed by Linus Torvalds

fs, proc: truncate /proc/pid/comm writes to first TASK_COMM_LEN bytes

Currently, a write to a procfs file will return the number of bytes
successfully written.  If the actual string is longer than this, the
remainder of the string will not be be written and userspace will
complete the operation by issuing additional write()s.

Hence

	$ echo -n "abcdefghijklmnopqrs" > /proc/self/comm

results in

	$ cat /proc/$$/comm
	pqrs

since the final four bytes were written with a second write() since
TASK_COMM_LEN == 16.  This is obviously an undesired result and not
equivalent to prctl(PR_SET_NAME).  The implementation should not need to
know the definition of TASK_COMM_LEN.

This patch truncates the string to the first TASK_COMM_LEN bytes and
returns the bytes written as the length of the string written so the
second write() is suppressed.

	$ cat /proc/$$/comm
	abcdefghijklmno
Signed-off-by: default avatarDavid Rientjes <rientjes@google.com>
Acked-by: default avatarJohn Stultz <john.stultz@linaro.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent dc7ee2aa
...@@ -1348,11 +1348,10 @@ static ssize_t comm_write(struct file *file, const char __user *buf, ...@@ -1348,11 +1348,10 @@ static ssize_t comm_write(struct file *file, const char __user *buf,
struct inode *inode = file_inode(file); struct inode *inode = file_inode(file);
struct task_struct *p; struct task_struct *p;
char buffer[TASK_COMM_LEN]; char buffer[TASK_COMM_LEN];
const size_t maxlen = sizeof(buffer) - 1;
memset(buffer, 0, sizeof(buffer)); memset(buffer, 0, sizeof(buffer));
if (count > sizeof(buffer) - 1) if (copy_from_user(buffer, buf, count > maxlen ? maxlen : count))
count = sizeof(buffer) - 1;
if (copy_from_user(buffer, buf, count))
return -EFAULT; return -EFAULT;
p = get_proc_task(inode); p = get_proc_task(inode);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment