LU-8774 lprocfs: not use MAX_STRING_SIZE in copy_from_user

This patch removes the usage of MAX_STRING_SIZE from
copy_from_user() and just copies enough bytes to cover
count passed in.

Signed-off-by: Jian Yu <jian.yu@intel.com>
Change-Id: I1ac2c779b5cd984f88bb85d4ae8d571f7931091f
Reviewed-on: http://review.whamcloud.com/23462
Tested-by: Jenkins
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>

diff --git a/lustre/ldlm/ldlm_resource.c b/lustre/ldlm/ldlm_resource.c
index 85c7f41..b131001 100644 (file)
--- a/lustre/ldlm/ldlm_resource.c
+++ b/lustre/ldlm/ldlm_resource.c
@@ -305,13 +305,21 @@ static ssize_t lprocfs_lru_size_seq_write(struct file *file,
                                          size_t count, loff_t *off)
 {
        struct ldlm_namespace *ns = ((struct seq_file *)file->private_data)->private;
-        char dummy[MAX_STRING_SIZE + 1], *end;
-        unsigned long tmp;
-        int lru_resize;
+       char                   dummy[MAX_STRING_SIZE + 1];
+       char                  *end;
+       unsigned long          tmp;
+       int                    lru_resize;
 
-        dummy[MAX_STRING_SIZE] = '\0';
-       if (copy_from_user(dummy, buffer, MAX_STRING_SIZE))
-                return -EFAULT;
+       if (count >= sizeof(dummy))
+               return -EINVAL;
+
+       if (count == 0)
+               return 0;
+
+       if (copy_from_user(dummy, buffer, count))
+               return -EFAULT;
+
+       dummy[count] = 0;
 
         if (strncmp(dummy, "clear", 5) == 0) {
                 CDEBUG(D_DLMTRACE,

diff --git a/lustre/obdclass/lprocfs_status.c b/lustre/obdclass/lprocfs_status.c
index a58cbc3..08db676 100644 (file)
--- a/lustre/obdclass/lprocfs_status.c
+++ b/lustre/obdclass/lprocfs_status.c
@@ -296,20 +296,28 @@ EXPORT_SYMBOL(lprocfs_uint_seq_show);
 int lprocfs_wr_uint(struct file *file, const char __user *buffer,
                     unsigned long count, void *data)
 {
-        unsigned *p = data;
-        char dummy[MAX_STRING_SIZE + 1], *end;
-        unsigned long tmp;
+       unsigned        *p = data;
+       char             dummy[MAX_STRING_SIZE + 1];
+       char            *end;
+       unsigned long    tmp;
 
-        dummy[MAX_STRING_SIZE] = '\0';
-       if (copy_from_user(dummy, buffer, MAX_STRING_SIZE))
-                return -EFAULT;
+       if (count >= sizeof(dummy))
+               return -EINVAL;
 
-        tmp = simple_strtoul(dummy, &end, 0);
-        if (dummy == end)
-                return -EINVAL;
+       if (count == 0)
+               return 0;
+
+       if (copy_from_user(dummy, buffer, count))
+               return -EFAULT;
 
-        *p = (unsigned int)tmp;
-        return count;
+       dummy[count] = 0;
+
+       tmp = simple_strtoul(dummy, &end, 0);
+       if (dummy == end)
+               return -EINVAL;
+
+       *p = (unsigned int)tmp;
+       return count;
 }
 EXPORT_SYMBOL(lprocfs_wr_uint);