From: Andy Shevchenko <andy.shevchenko@gmail.com>
To: Hans de Goede <hdegoede@redhat.com>
Cc: Mark Gross <mgross@linux.intel.com>,
Andy Shevchenko <andy@infradead.org>,
Mark Pearson <markpearson@lenovo.com>,
Platform Driver <platform-driver-x86@vger.kernel.org>
Subject: Re: [PATCH] platform/x86: think-lmi: Return EINVAL when kbdlang gets set to a 0 length string
Date: Mon, 21 Jun 2021 19:16:37 +0300 [thread overview]
Message-ID: <CAHp75Vcu+3-7dQwJDTLfQVwvSsOB9uOby7rq4w4cxLKMn1q+oA@mail.gmail.com> (raw)
In-Reply-To: <ca520d5f-0288-30ef-0191-96f890a2ba4c@redhat.com>
On Mon, Jun 21, 2021 at 5:13 PM Hans de Goede <hdegoede@redhat.com> wrote:
> On 6/21/21 3:58 PM, Andy Shevchenko wrote:
> > On Mon, Jun 21, 2021 at 4:24 PM Hans de Goede <hdegoede@redhat.com> wrote:
> >>
> >> Commit 0ddcf3a6b442 ("platform/x86: think-lmi: Avoid potential read before
> >> start of the buffer") moved the lengt == 0 up to before stripping the '\n'
> >
> > length
>
> Ack, will fix.
>
> >> which typically gets added when users echo a value to a sysfs-attribute
> >> from the shell.
> >>
> >> This avoids a potential buffer-underrun, but it also causes a behavioral
> >> change, prior to this change "echo > kbdlang", iow writing just a single
> >> '\n' would result in an EINVAL error, but after the change this gets
> >> accepted setting kbdlang to an empty string.
> >
> > And why is it a problem?
>
> Because there are only a couple of valid string like "de", "fr", "es"
> and "us". We don't know the exact set of valid strings for a certain
> BIOS, but we do not for sure that an empty string is not valid.
Since we call strlen() on the buf it means we are expecting
NUL-terminated string no matter what.
In this case the
p = skip_spaces(buf);
length = strchrnul(buf, '\n') - p;
if (!length || length >= ...)
return ...
seems the best, no?
--
With Best Regards,
Andy Shevchenko
next prev parent reply other threads:[~2021-06-21 16:17 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-21 13:23 [PATCH] platform/x86: think-lmi: Return EINVAL when kbdlang gets set to a 0 length string Hans de Goede
2021-06-21 13:58 ` Andy Shevchenko
2021-06-21 14:13 ` Hans de Goede
2021-06-21 16:16 ` Andy Shevchenko [this message]
2021-06-21 19:29 ` Hans de Goede
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHp75Vcu+3-7dQwJDTLfQVwvSsOB9uOby7rq4w4cxLKMn1q+oA@mail.gmail.com \
--to=andy.shevchenko@gmail.com \
--cc=andy@infradead.org \
--cc=hdegoede@redhat.com \
--cc=markpearson@lenovo.com \
--cc=mgross@linux.intel.com \
--cc=platform-driver-x86@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.