aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChao Yu <[email protected]>2022-09-26 22:20:41 +0800
committerVlastimil Babka <[email protected]>2022-09-26 16:25:40 +0200
commitd65360f224069a6de56eb18e0425973914a10fe8 (patch)
tree6fc2e683fa630a2bec75b32deeb537d097a6f489
parent2bfbb0271a5b48c01c711d1509a422a7244c9eb8 (diff)
mm/slub: clean up create_unique_id()
As Christophe JAILLET suggested [1] In create_unique_id(), "looks that ID_STR_LENGTH could even be reduced to 32 or 16. The 2nd BUG_ON at the end of the function could certainly be just removed as well or remplaced by a: if (p > name + ID_STR_LENGTH - 1) { kfree(name); return -E<something>; } " According to above suggestion, let's do below cleanups: 1. reduce ID_STR_LENGTH to 32, as the buffer size should be enough; 2. use WARN_ON instead of BUG_ON() and return error if check condition is true; 3. use snprintf instead of sprintf to avoid overflow. [1] https://lore.kernel.org/linux-mm/[email protected]/ Suggested-by: Christophe JAILLET <[email protected]> Reviewed-by: Hyeonggon Yoo <[email protected]> Signed-off-by: Chao Yu <[email protected]> Signed-off-by: Vlastimil Babka <[email protected]>
-rw-r--r--mm/slub.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/mm/slub.c b/mm/slub.c
index dc59b9e8c66f..8f80d9bc507f 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -5874,7 +5874,7 @@ static inline struct kset *cache_kset(struct kmem_cache *s)
return slab_kset;
}
-#define ID_STR_LENGTH 64
+#define ID_STR_LENGTH 32
/* Create a unique string id for a slab cache:
*
@@ -5907,9 +5907,12 @@ static char *create_unique_id(struct kmem_cache *s)
*p++ = 'A';
if (p != name + 1)
*p++ = '-';
- p += sprintf(p, "%07u", s->size);
+ p += snprintf(p, ID_STR_LENGTH - (p - name), "%07u", s->size);
- BUG_ON(p > name + ID_STR_LENGTH - 1);
+ if (WARN_ON(p > name + ID_STR_LENGTH - 1)) {
+ kfree(name);
+ return ERR_PTR(-EINVAL);
+ }
return name;
}