[PATCH] ubi: replace simple_strtoul() with kstrtoul()
Zhang Zhen
zhenzhang.zhang at huawei.com
Tue May 20 01:14:45 PDT 2014
On 2014/5/20 14:57, Geert Uytterhoeven wrote:
> On Tue, May 20, 2014 at 3:18 AM, Zhang Zhen <zhenzhang.zhang at huawei.com> wrote:
>> On 2014/5/19 17:14, Geert Uytterhoeven wrote:
>>> Please don't add mindless casts!
>>>
>>> On Mon, May 19, 2014 at 10:38 AM, Zhang Zhen <zhenzhang.zhang at huawei.com> wrote:
>>>> --- a/drivers/mtd/ubi/build.c
>>>> +++ b/drivers/mtd/ubi/build.c
>>>> @@ -1190,10 +1190,13 @@ static struct mtd_info * __init open_mtd_by_chdev(const char *mtd_dev)
>>>> static struct mtd_info * __init open_mtd_device(const char *mtd_dev)
>>>> {
>>>> struct mtd_info *mtd;
>>>> - int mtd_num;
>>>> + int mtd_num, ret;
>>>> char *endp;
>>>>
>>>> - mtd_num = simple_strtoul(mtd_dev, &endp, 0);
>>>> + endp = (char *)mtd_dev;
>>>> + ret = kstrtoul(endp, 0, (unsigned long *)&mtd_num);
>>>
>>> On 64-bit, long is 64-bit, hence this will write beyond mtd_num and will corrupt
>>> the stack.
>>
>> Yeah, you are right. This really may write beyond dev.
>>
>> The kstrtoul(const char *s, unsigned int base, unsigned long *res) only accept unsigned long
>> pointer as the third parameter.
>> And the original function simple_strtoul() returns unsigned long type value.
>> It is also cast. So this may not corrupt the stack.
>>
>> Or do you have any better suggestion about this?
>
> kstrtoint().
>
Hi Geert,
Thanks for your suggestion, i will send the version2 out.
> Gr{oetje,eeting}s,
>
> Geert
>
> --
> Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert at linux-m68k.org
>
> In personal conversations with technical people, I call myself a hacker. But
> when I'm talking to journalists I just say "programmer" or something like that.
> -- Linus Torvalds
>
>
More information about the linux-mtd
mailing list