Gilles Chanteperdrix wrote:
> Jan Kiszka wrote:
>> Gilles Chanteperdrix wrote:
>>> Jan Kiszka wrote:
>>>> Gilles Chanteperdrix wrote:
>>>>> Jan Kiszka wrote:
>>>>>> Obviously a conversion error while switching to __xn_safe*.
>>>>>>
>>>>>> Signed-off-by: Jan Kiszka <jan.kis...@siemens.com>
>>>>> Well, I have just checked the kernel code, and 0 as a return value of
>>>>> strncpy_from_user is treated as a value in most places, even if not 
>>>>> -EFAULT.
>>>>>
>>>> Better check our code: :) __xn_safe_strncpy_from_user works differently.
>>> Then I would tend to consider that xn_safe_strncpy is broken.
>> No, because it not a derivate of strncpy_from_user, but an internal
>> service optimized for the most common use cases (where you don't care
>> about the precise return value).
> 
> So, what should I call if I care about the return value ?

The old combo of access_rok() and __xn_strncpy_from_user() - ah, I see
the issue: POSIX requires the length to report overflows to the users.
Hmm, then back to the old code, just adding the missing address range check.

Jan

-- 
Siemens AG, Corporate Technology, CT SE 2
Corporate Competence Center Embedded Linux

_______________________________________________
Xenomai-core mailing list
Xenomai-core@gna.org
https://mail.gna.org/listinfo/xenomai-core

Reply via email to