From: SeongJae Park
To: Xin Hao
Cc: sjpark@amazon.de, akpm@linux-foundation.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/damon: Adjust the size of kbuf array to avoid overflow
Date: Wed, 13 Oct 2021 14:02:38 +0000
Message-Id: <20211013140238.16347-1-sj@kernel.org>
In-Reply-To: <20211013114854.15705-1-xhao@linux.alibaba.com>

Hi Xin,

On Wed, 13 Oct 2021 19:48:54 +0800 Xin Hao wrote:

> In order to avoid the 'count' size space of kbuf array is
> used up, but a "\0" is still added.

Thank you for this patch! :) But... I'm unsure how this can cause a buffer overflow, as 'kbuf' is accessed by only size-specified functions, namely 'scnprintf()' and 'simple_read_from_buffer()'. If I'm missing something, please feel free to let me know.

Thanks,
SJ

>
> Signed-off-by: Xin Hao
> --- > mm/damon/dbgfs.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/damon/dbgfs.c b/mm/damon/dbgfs.c > index faee070977d8..20c61eed54af 100644 > --- a/mm/damon/dbgfs.c 
> +++ b/mm/damon/dbgfs.c > @@ -247,7 +247,7 @@ static ssize_t dbgfs_kdamond_pid_read(struct file *file, > char *kbuf; > ssize_t len; > > - kbuf = kmalloc(count, GFP_KERNEL); > + kbuf = kmalloc(count + 1, GFP_KERNEL); > if (!kbuf) > return -ENOMEM; > > -- > 2.31.0 >
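
Review bot: the changelog does not identify which write in dbgfs_kdamond_pid_read() would place the "\0" past the 'count' bytes of kbuf, and the hunk changes only the kmalloc() size without touching any code that fills the buffer. scnprintf() writes at most the size it is given, terminating NUL included, so if it is passed 'count' as the reply indicates, an allocation of 'count' bytes is already sufficient. Please either name the specific call that writes beyond 'count' in the commit message, or drop the change. If the extra byte is kept, the new 'count + 1' takes a caller-supplied read length and should be justified against that bound as well.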