Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp821562pxf; Wed, 7 Apr 2021 12:25:41 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxsyJYx/7Jb3WoT0rkB9JZs5KN4kAKpFdVZ2Ruab07zH9zDkfC/gv40y+CavpDykv+uIP8r X-Received: by 2002:a63:7c5a:: with SMTP id l26mr4809294pgn.224.1617823540957; Wed, 07 Apr 2021 12:25:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617823540; cv=none; d=google.com; s=arc-20160816; b=h11v4Uc6IB9fJiMyD72vHsVG58jr3IQe+yWPeJDhDHMaNKyFXZe7Z0bQdV5kY34JkQ XQI44QpJa6OxszhrVg7oaXsoexv5jBb8NMxyR3rt0WocrSIL3EwvQl68IKhcVu89WjdJ NVcaHdT6jnlGJKEvydPYGxQXfp6aemJol9dkTXrLBNVmZg5p4pPt8dpmGoO5P++DE2G0 Q1mv0A7NN6kxIDD1L0T9XMH6hi1gTZipJzsUaYKcFPBBIQwhIrDIHbnaByWYTaxZD/Jp 0lG93aGeLsSuSVPKJsA5E3r2Ez8hkmuBGm9/xz7xhC5RsX6bKiaFMDaDiOEmXz/7kjFc YJEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=CsI7tfPOG5Mi2ihwwdXabUOkBYN+hVKBUiXLDcAotIQ=; b=zcCuuibLU94mICrJdA//DP7d1qxNAHlR11s72BfCYjWBHBXdOtVMr1MGEsvX0uXGze MC+bG5N9qmxtraTvOhBZ521YKr6Njwq45eiXz1IHr1NkVMitZcvE8R1tTrd1kZTLLl8c SJWuQ/f+BNt8FJk4mW11vtAUZm49Ivj3h+Jno5doZAt7KkqpJgngBYxWMHX34XZ+3Z5E PMsLuGV0gWPhrvYtwoqre8FmwUIx5sjJCIvDejdaPdaGv0b3jx9OwPkh/EBzF3nS/cWa rV+uion9I9cTYSomf2hX+EJDvUAOzsigIniqVjlNn2rHUHT3WWKeYYjy6AuSKI7rYFoF zKRQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s139si1816976pfc.9.2021.04.07.12.25.29; Wed, 07 Apr 2021 12:25:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243315AbhDGGfP (ORCPT + 99 others); Wed, 7 Apr 2021 02:35:15 -0400 Received: from relay7-d.mail.gandi.net ([217.70.183.200]:33703 "EHLO relay7-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232976AbhDGGfO (ORCPT ); Wed, 7 Apr 2021 02:35:14 -0400 X-Originating-IP: 82.65.183.113 Received: from [172.16.5.113] (82-65-183-113.subs.proxad.net [82.65.183.113]) (Authenticated sender: alex@ghiti.fr) by relay7-d.mail.gandi.net (Postfix) with ESMTPSA id 82B662000A; Wed, 7 Apr 2021 06:35:03 +0000 (UTC) Subject: Re: [PATCH] driver: of: Properly truncate command line if too long To: Andy Shevchenko Cc: Rob Herring , Frank Rowand , Dmitry Vyukov , "devicetree@vger.kernel.org" , "linux-kernel@vger.kernel.org" References: <20210316193820.3137-1-alex@ghiti.fr> From: Alex Ghiti Message-ID: <3bd1df97-9633-a8cd-291c-906b8574565d@ghiti.fr> Date: Wed, 7 Apr 2021 02:35:03 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: fr Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Andy, Le 4/6/21 à 6:56 PM, Andy Shevchenko a écrit : > > > On Tuesday, March 16, 2021, Alexandre Ghiti > wrote: > > In case the command line given by the user is too long, warn about it > and truncate it to the last full argument. > > This is what efi already does in commit 80b1bfe1cb2f ("efi/libstub: > Don't parse overlong command lines"). > > Reported-by: Dmitry Vyukov > > Signed-off-by: Alexandre Ghiti > > --- >  drivers/of/fdt.c | 21 ++++++++++++++++++++- >  1 file changed, 20 insertions(+), 1 deletion(-) > > diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c > index dcc1dd96911a..de4c6f9bac39 100644 > --- a/drivers/of/fdt.c > +++ b/drivers/of/fdt.c > @@ -25,6 +25,7 @@ >  #include >  #include >  #include > +#include > >  #include   /* for COMMAND_LINE_SIZE */ >  #include > @@ -1050,9 +1051,27 @@ int __init early_init_dt_scan_chosen(unsigned > long node, const char *uname, > >         /* Retrieve command line */ >         p = of_get_flat_dt_prop(node, "bootargs", &l); > -       if (p != NULL && l > 0) > +       if (p != NULL && l > 0) { >                 strlcpy(data, p, min(l, COMMAND_LINE_SIZE)); > > +               /* > +                * If the given command line size is larger than > +                * COMMAND_LINE_SIZE, truncate it to the last complete > +                * parameter. > +                */ > +               if (l > COMMAND_LINE_SIZE) { > +                       char *cmd_p = (char *)data + > COMMAND_LINE_SIZE - 1; > + > +                       while (!isspace(*cmd_p)) > +                               cmd_p--; > > > Shouldn’t you check for cmd_p being always bigger than or equal to data? Yes you're right. > > + > +                       *cmd_p = '\0'; > + > +                       pr_err("Command line is too long: truncated > to %d bytes\n", > +                              (int)(cmd_p - (char *)data + 1)); > > > Do you really need that casting? No, I can use %td to print a pointer difference. I'll send a v2. Thanks, Alex > > +               } > +       } > + >         /* >          * CONFIG_CMDLINE is meant to be a default in case nothing else >          * managed to set the command line, unless CONFIG_CMDLINE_FORCE > -- > 2.20.1 > > > > -- > With Best Regards, > Andy Shevchenko > >