[PATCH] ubi: replace simple_strtoul() with kstrtoul()

Geert Uytterhoeven geert at linux-m68k.org
Mon May 19 02:14:56 PDT 2014


Please don't add mindless casts!

On Mon, May 19, 2014 at 10:38 AM, Zhang Zhen <zhenzhang.zhang at huawei.com> wrote:
> --- a/drivers/mtd/ubi/build.c
> +++ b/drivers/mtd/ubi/build.c
> @@ -1190,10 +1190,13 @@ static struct mtd_info * __init open_mtd_by_chdev(const char *mtd_dev)
>  static struct mtd_info * __init open_mtd_device(const char *mtd_dev)
>  {
>         struct mtd_info *mtd;
> -       int mtd_num;
> +       int mtd_num, ret;
>         char *endp;
>
> -       mtd_num = simple_strtoul(mtd_dev, &endp, 0);
> +       endp = (char *)mtd_dev;
> +       ret = kstrtoul(endp, 0, (unsigned long *)&mtd_num);
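
Review bot: The cast in `kstrtoul(endp, 0, (unsigned long *)&mtd_num)` hands kstrtoul() the address of an int as if it were an unsigned long, so the result is stored with the wrong width. Declare an unsigned long temporary for the result and range-check it before assigning to mtd_num, or use kstrtoint() with &mtd_num and no cast. The `endp = (char *)mtd_dev;` cast on the line before is not needed either: kstrtoul() takes a const char *, so mtd_dev can be passed directly. Unlike simple_strtoul(), kstrtoul() does not report where parsing stopped, so after this change endp still points at the start of the string rather than the end of the number.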

On 64-bit, long is 64-bit, hence this will write beyond mtd_num and will corrupt
the stack.

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert at linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds
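
An added example, not part of the original message or the patch: a userspace C model of the point made in the reply above, showing a store of `sizeof(unsigned long)` bytes at the address of an `int` reaching the adjacent variable, next to a parse that goes through a correctly sized temporary. `struct frame`, `cast_store_clobbers` and `parse_mtd_num` are hypothetical names, and `strtoul()` stands in for the kernel's `kstrtoul()`.

```c
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the stack frame: mtd_num followed by another local. */
struct frame {
    int mtd_num;
    int neighbour;
};

/*
 * Models the store made through (unsigned long *)&mtd_num: sizeof(unsigned long)
 * bytes land at the address of an int. Copying into the enclosing struct keeps
 * the demonstration well defined. Returns 1 if neighbour was overwritten.
 */
int cast_store_clobbers(unsigned long parsed)
{
    struct frame f = { .mtd_num = -1, .neighbour = 0x5a5a5a5a };
    size_t n = sizeof(parsed) <= sizeof(f) ? sizeof(parsed) : sizeof(f);

    memcpy(&f, &parsed, n);
    return f.neighbour != 0x5a5a5a5a;
}

/*
 * Parse into an unsigned long temporary, then range-check before narrowing
 * to int. Returns 0 on success, -EINVAL or -ERANGE on failure; *out is only
 * written on success.
 */
int parse_mtd_num(const char *s, int *out)
{
    char *end;
    unsigned long val;

    errno = 0;
    val = strtoul(s, &end, 0);
    if (end == s || *end != '\0')
        return -EINVAL;          /* no digits, or trailing garbage */
    if (errno == ERANGE || val > INT_MAX)
        return -ERANGE;          /* does not fit in an int */
    *out = (int)val;
    return 0;
}
```

On a platform where `long` and `int` have the same width, `cast_store_clobbers()` returns 0, which is why the defect in the hunk goes unnoticed on 32-bit builds.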


