On Wed, 12 Oct 2022 12:34:45 +0000 David Laight <David.Laight@ACULAB.COM> wrote:
@@ -13,8 +15,16 @@ static nokprobe_inline int kern_fetch_store_strlen_user(unsigned long addr) { const void __user *uaddr = (__force const void __user *)addr;
- int ret;
- return strnlen_user_nofault(uaddr, MAX_STRING_SIZE);
- ret = strnlen_user_nofault(uaddr, MAX_STRING_SIZE);
- /*
* strnlen_user_nofault returns zero on fault, insert the
* FAULT_STRING when that occurs.
*/
- if (ret <= 0)
return strlen(FAULT_STRING) + 1;
- return ret;
}
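Review bot: the check `if (ret <= 0)` is broader than the comment directly above it, which says strnlen_user_nofault() returns zero on fault; either tighten it to `if (ret == 0)` or extend the comment to say why a negative value is also treated as a fault, so the next reader does not have to wonder whether the helper can return a negative count. Separately, this hunk only reports `strlen(FAULT_STRING) + 1` as the length and nothing here writes FAULT_STRING into the destination buffer, so the matching store path must actually copy FAULT_STRING when the fault occurs, otherwise the recorded length and the buffer contents will disagree.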
Isn't that going to do the wrong thing if the user string is valid memory but just zero length??
I thought so at first (and was in the process of changing things because of that) until I saw the comment above this code:
/* Return the length of string -- including null terminal byte */
And looking at the function strnlen_user_nofault():
* Returns the size of the string INCLUDING the terminating NUL.
That is, it returns 1 on a zero length string and 0 on fault :-p
Yes, I think we should fix that API, but that's another story.
-- Steve
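The return convention under discussion (0 on fault, length including the NUL otherwise, so 1 for an empty string) is easy to get wrong when reading the `ret <= 0` check. The following user-space model is an added example, not kernel code from the patch or the thread: it stands in a NULL pointer for an unmapped user address, and the values of MAX_STRING_SIZE and FAULT_STRING are assumptions for the model rather than the kernel's definitions. It shows that an empty but valid string yields 1 and so never takes the fault branch, while a fault yields the FAULT_STRING length, and that an over-long string is reported as count + 1 as the real helper's contract states.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed values for this model only; the kernel defines its own. */
#define MAX_STRING_SIZE 16
#define FAULT_STRING "(fault)"

/*
 * Model of strnlen_user_nofault(): a NULL pointer stands in for an
 * unmapped user address (a fault). Like the kernel helper it returns
 * 0 on fault and otherwise the size of the string INCLUDING the
 * terminating NUL; if no NUL is found within count it returns count + 1.
 */
static long model_strnlen_user_nofault(const char *uaddr, long count)
{
    long n;

    if (uaddr == NULL)
        return 0;                       /* fault */

    for (n = 0; n < count; n++) {
        if (uaddr[n] == '\0')
            return n + 1;               /* length including NUL */
    }
    return count + 1;                   /* no NUL within count */
}

/*
 * Model of the patched kern_fetch_store_strlen_user(): a zero return
 * from the length helper means a fault, and the length reported is that
 * of FAULT_STRING (including its NUL) so the caller stores "(fault)".
 * A valid empty string returns 1 from the helper and passes through.
 */
static int model_kern_fetch_store_strlen_user(const char *uaddr)
{
    long ret = model_strnlen_user_nofault(uaddr, MAX_STRING_SIZE);

    if (ret <= 0)
        return (int)strlen(FAULT_STRING) + 1;
    return (int)ret;
}

/* Constructed inputs for a stand-alone run. */
int main(void)
{
    const char *cases[] = { "", "abc", "0123456789abcdefXYZ", NULL };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        const char *s = cases[i];
        printf("%-24s -> %d\n",
               s ? (s[0] ? s : "\"\" (empty)") : "NULL (fault)",
               model_kern_fetch_store_strlen_user(s));
    }
    return 0;
}
```

The empty-string case is the one David asked about: with this contract it returns 1, so only a genuine fault reaches the FAULT_STRING branch.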