Skip to content

C
clone-Linux

gsplhtlxg / clone-Linux

通知 2
Star 0
Fork 1
C
clone-Linux

体验新版 GitCode,发现更多精彩内容 >>

提交 cc1dad71 编写于 作者: A Al Viro
浏览文件
操作

selinuxfs snprintf() misuses 

a) %d does _not_ produce a page worth of output
b) snprintf() doesn't return negatives - it used to in old glibc, but
that's the kernel...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
上级 c862868b
隐藏空白更改
内联 并排
Showing with 7 addition and 29 deletion
security/selinux/selinuxfs.c
浏览文件 @ cc1dad71
...@@ -1259,12 +1259,8 @@ static int sel_make_bools(void) ...@@ -1259,12 +1259,8 @@ static int sel_make_bools(void)
if (!inode) if (!inode)
goto out; goto out;
ret = -EINVAL;
len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]);
if (len < 0)
goto out;
ret = -ENAMETOOLONG; ret = -ENAMETOOLONG;
len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]);
if (len >= PAGE_SIZE) if (len >= PAGE_SIZE)
goto out; goto out;
...@@ -1557,19 +1553,10 @@ static inline u32 sel_ino_to_perm(unsigned long ino) ...@@ -1557,19 +1553,10 @@ static inline u32 sel_ino_to_perm(unsigned long ino)
static ssize_t sel_read_class(struct file *file, char __user *buf, static ssize_t sel_read_class(struct file *file, char __user *buf,
size_t count, loff_t *ppos) size_t count, loff_t *ppos)
{ {
ssize_t rc, len;
char *page;
unsigned long ino = file->f_path.dentry->d_inode->i_ino; unsigned long ino = file->f_path.dentry->d_inode->i_ino;
char res[TMPBUFLEN];
page = (char *)__get_free_page(GFP_KERNEL); ssize_t len = snprintf(res, sizeof(res), "%d", sel_ino_to_class(ino));
if (!page) return simple_read_from_buffer(buf, count, ppos, res, len);
return -ENOMEM;
len = snprintf(page, PAGE_SIZE, "%d", sel_ino_to_class(ino));
rc = simple_read_from_buffer(buf, count, ppos, page, len);
free_page((unsigned long)page);
return rc;
} }
static const struct file_operations sel_class_ops = { static const struct file_operations sel_class_ops = {
...@@ -1580,19 +1567,10 @@ static const struct file_operations sel_class_ops = { ...@@ -1580,19 +1567,10 @@ static const struct file_operations sel_class_ops = {
static ssize_t sel_read_perm(struct file *file, char __user *buf, static ssize_t sel_read_perm(struct file *file, char __user *buf,
size_t count, loff_t *ppos) size_t count, loff_t *ppos)
{ {
ssize_t rc, len;
char *page;
unsigned long ino = file->f_path.dentry->d_inode->i_ino; unsigned long ino = file->f_path.dentry->d_inode->i_ino;
char res[TMPBUFLEN];
page = (char *)__get_free_page(GFP_KERNEL); ssize_t len = snprintf(res, sizeof(res), "%d", sel_ino_to_perm(ino));
if (!page) return simple_read_from_buffer(buf, count, ppos, res, len);
return -ENOMEM;
len = snprintf(page, PAGE_SIZE, "%d", sel_ino_to_perm(ino));
rc = simple_read_from_buffer(buf, count, ppos, page, len);
free_page((unsigned long)page);
return rc;
} }
static const struct file_operations sel_perm_ops = { static const struct file_operations sel_perm_ops = {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册