leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

bcache: fix input integer overflow of congested threshold

Browse Source 
Cache set congested threshold values congested_read_threshold_us and
congested_write_threshold_us can be set via sysfs interface. These
two values are 'unsigned int' type, but sysfs interface uses strtoul
to convert input string. So if people input a large number like
9999999999, the value indeed set is 1410065407, which is not expected
behavior.

This patch replaces sysfs_strtoul() by sysfs_strtoul_clamp() when
convert input string to unsigned int value, and set value range in
[0, UINT_MAX], to avoid the above integer overflow errors.

Signed-off-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
This commit is contained in:
Coly Li 2019-02-09 12:53:00 +08:00 committed by Jens Axboe
parent 596b5a5dd1
commit f54478c6e2
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
drivers/md/bcache/sysfs.c
View File

@ -778,10 +778,12 @@ STORE(__bch_cache_set)
c->shrink.scan_objects(&c->shrink, &sc); c->shrink.scan_objects(&c->shrink, &sc);
} }
sysfs_strtoul(congested_read_threshold_us, sysfs_strtoul_clamp(congested_read_threshold_us,
c->congested_read_threshold_us); c->congested_read_threshold_us,
sysfs_strtoul(congested_write_threshold_us, 0, UINT_MAX);
c->congested_write_threshold_us); sysfs_strtoul_clamp(congested_write_threshold_us,
c->congested_write_threshold_us,
0, UINT_MAX);
if (attr == &sysfs_errors) { if (attr == &sysfs_errors) {
v = __sysfs_match_string(error_actions, -1, buf); v = __sysfs_match_string(error_actions, -1, buf);