On Wed 2019-07-10 17:19:22, Sergey Senozhatsky wrote:
> On (07/10/19 10:04), Vincent Whitchurch wrote:
> > > > [..]
> > > >
> > > > > @@ -1318,7 +1318,7 @@ static size_t msg_print_text(const struct
> > > > > printk_log *msg, bool syslog,
> > > > > }
> > > > >
> > > > > if (buf) {
> > > > > - if (prefix_len + text_len + 1 >= size - len)
> > > > > + if (prefix_len + text_len + 1 > size - len)
> > > > > break;
> > > >
> > > > So with this patch the last byte of the buffer is 0xA. It's a bit
> > > > uncomfortable that `len', which we return from msg_print_text(),
> > > > now points one byte beyond the buffer:
> > > >
> > > > buf[len++] = '\n';
> > > > return len;
> > > >
> > > > This is not very common. Not sure what usually happens to kmsg_dump
> > > > buffers, but anyone who'd do a rather innocent
> > > >
> > > > kmsg_dump(buf, &len);
> > > > buf[len] = 0x00;
> > > >
> > > > will write to something which is not a kmsg buffer (in some cases).
>
> [..]
>
> > arch/powerpc/xmon/xmon.c
> > 2836: while (kmsg_dump_get_line_nolock(&dumper, false, buf,
> > sizeof(buf), &len)) {
> > 2837- buf[len] = '\0';
> >
> > arch/um/kernel/kmsg_dump.c
> > 29: while (kmsg_dump_get_line(dumper, true, line, sizeof(line), &len)) {
> > 30- line[len] = '\0';
> >
> > I guess we should fix these first and leave this patch as is?
>
> We certainly need to fix something here, and I'd say that we
> better handle it on the msg_print_text() side. There might be
> more kmsg_dump_get_line() users doing `buf[len] = '\0'' in the
> future.
I though more about it and I agree with Sergey. One unused byte does
not look worth the risk. Especially when we are talking about strings
where many people expect the trailing '\0'.
I would even modify msg_print_text() to always add the trailing '\0'.
All bytes will be used and it will be more error-proof API. I guess
that this is what Sergey meant by better handling it on the
msg_print_text() side.
Best Regards,
Petr
