Current code is suboptimal in three ways:
1) it explicitly terminates the string which is not needed;
2) it might provoke additional faults, because asked lenght might be
bigger than the real one;
3) it consumes more than needed lines in the source.
Instead of using kmalloc() + strncpy_from_user() + terminating, just
utilize memdup_user_nul().
Signed-off-by: Andy Shevchenko <[email protected]>
---
drivers/pinctrl/pinmux.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/drivers/pinctrl/pinmux.c b/drivers/pinctrl/pinmux.c
index 021382632608..2d2f3bd164d5 100644
--- a/drivers/pinctrl/pinmux.c
+++ b/drivers/pinctrl/pinmux.c
@@ -692,14 +692,9 @@ static ssize_t pinmux_select(struct file *file, const char __user *user_buf,
if (len > PINMUX_SELECT_MAX)
return -ENOMEM;
- buf = kzalloc(PINMUX_SELECT_MAX, GFP_KERNEL);
- if (!buf)
- return -ENOMEM;
-
- ret = strncpy_from_user(buf, user_buf, PINMUX_SELECT_MAX);
- if (ret < 0)
- goto exit_free_buf;
- buf[len-1] = '\0';
+ buf = memdup_user_nul(user_buf, len);
+ if (IS_ERR(buf))
+ return PTR_ERR(buf);
/* remove leading and trailing spaces of input buffer */
gname = strstrip(buf);
--
2.40.0.1.gaa8946217a0b
On Sun, Jun 4, 2023 at 3:12 PM Andy Shevchenko
<[email protected]> wrote:
> Current code is suboptimal in three ways:
> 1) it explicitly terminates the string which is not needed;
> 2) it might provoke additional faults, because asked lenght might be
> bigger than the real one;
> 3) it consumes more than needed lines in the source.
>
> Instead of using kmalloc() + strncpy_from_user() + terminating, just
> utilize memdup_user_nul().
>
> Signed-off-by: Andy Shevchenko <[email protected]>
Excellent patch, applied!
Yours,
Linus Walleij