Commit bd9b0bac authored by BP, Praveen's avatar BP, Praveen Committed by Linus Torvalds

[PATCH] sysctl: string length calculated is wrong if it contains negative numbers

In the functions do_proc_dointvec() and do_proc_doulongvec_minmax(),
there seems to be a bug in string length calculation if string contains
negative integer.

The console log given below explains the bug. Setting negative values
may not be a right thing to do for "console log level" but then the test
(given below) can be used to demonstrate the bug in the code.

# echo "-1 -1 -1 -123456" > /proc/sys/kernel/printk
# cat /proc/sys/kernel/printk
-1      -1      -1      -1234
#
# echo "-1 -1 -1 123456" > /proc/sys/kernel/printk
# cat /proc/sys/kernel/printk
-1      -1      -1      1234
#

(akpm: the bug is that 123456 gets truncated)

It works as expected if string contains all +ve integers

# echo "1 2 3 4" > /proc/sys/kernel/printk
# cat /proc/sys/kernel/printk
1       2       3       4
#

The patch given below fixes the issue.
Signed-off-by: default avatarPraveen BP <praveenbp@ti.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 36499dc2
...@@ -1875,7 +1875,7 @@ static int __do_proc_dointvec(void *tbl_data, ctl_table *table, ...@@ -1875,7 +1875,7 @@ static int __do_proc_dointvec(void *tbl_data, ctl_table *table,
p = buf; p = buf;
if (*p == '-' && left > 1) { if (*p == '-' && left > 1) {
neg = 1; neg = 1;
left--, p++; p++;
} }
if (*p < '0' || *p > '9') if (*p < '0' || *p > '9')
break; break;
...@@ -2126,7 +2126,7 @@ static int __do_proc_doulongvec_minmax(void *data, ctl_table *table, int write, ...@@ -2126,7 +2126,7 @@ static int __do_proc_doulongvec_minmax(void *data, ctl_table *table, int write,
p = buf; p = buf;
if (*p == '-' && left > 1) { if (*p == '-' && left > 1) {
neg = 1; neg = 1;
left--, p++; p++;
} }
if (*p < '0' || *p > '9') if (*p < '0' || *p > '9')
break; break;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment