Linus, please apply.
Patrick, please read on.
This fixes the kernel crash in the case when we do an SIOCSIFNAME
ioctl on /proc/net/dev to rename a network interface, and
we supply a string such as "foo%sbar".
BTW, I've seen more places of this phenomenon, but they
are not with strings that come right from userspace like
this one.
BTW2, the attempt to rename the device here doesn't affect
sysfs. Patrick, we need a class_device_* interface that does
this.
--- linux-2.5.73/net/core/dev.c 2003-06-27 10:46:59.000000000 +0300
+++ linux-2.5.73/net/core/dev.c 2003-06-28 10:10:39.000000000 +0300
@@ -2346,7 +2346,7 @@
return -EEXIST;
memcpy(dev->name, ifr->ifr_newname, IFNAMSIZ);
dev->name[IFNAMSIZ - 1] = 0;
- snprintf(dev->class_dev.class_id, BUS_ID_SIZE, dev->name);
+ strlcpy(dev->class_dev.class_id, dev->name, BUS_ID_SIZE);
notifier_call_chain(&netdev_chain,
NETDEV_CHANGENAME, dev);
return 0;
--
Dan Aloni
[email protected]
On Sat, Jun 28, 2003 at 11:38:10AM +0300, Dan Aloni wrote:
>
> BTW2, the attempt to rename the device here doesn't affect
> sysfs. Patrick, we need a class_device_* interface that does
> this.
That's a good idea (I'm the person to blame for the class_device code,
not Pat.) Care to send a patch?
thanks,
greg k-h
On Sat, Jun 28, 2003 at 12:41:02PM -0700, Greg KH wrote:
> On Sat, Jun 28, 2003 at 11:38:10AM +0300, Dan Aloni wrote:
> >
> > BTW2, the attempt to rename the device here doesn't affect
> > sysfs. Patrick, we need a class_device_* interface that does
> > this.
>
> That's a good idea (I'm the person to blame for the class_device code,
> not Pat.) Care to send a patch?
I have no patch, but I thought of either using lookup_one_len()
and then d_move() to create a new dentry or to rip out some
code out of vfs_rename_dir(). Anyway, I'm no VFS expert, so
no patch any time soon.
--
Dan Aloni
[email protected]