Re: [PATCH -next 2/3] batman-adv: Use seq_overflow

[Al Viro]

On Tue, Dec 10, 2013 at 09:12:43PM -0800, Joe Perches wrote:

> diff --git a/net/batman-adv/gateway_client.c b/net/batman-adv/gateway_client.c
> index 2449afa..dfa5d2d 100644
> --- a/net/batman-adv/gateway_client.c
> +++ b/net/batman-adv/gateway_client.c
> @@ -517,29 +517,28 @@ static int batadv_write_buffer_text(struct batadv_priv 
> *bat_priv,
>  {
>       struct batadv_gw_node *curr_gw;
>       struct batadv_neigh_node *router;
> -     int ret = -1;
>  
>       router = batadv_orig_node_get_router(gw_node->orig_node);
>       if (!router)
> -             goto out;
> +             return -1;

This (as well as the original) means "fail read(2) with -EINVAL", which
might or might not be correct behaviour.

>       curr_gw = batadv_gw_get_selected_gw_node(bat_priv);
>  
> -     ret = seq_printf(seq, "%s %pM (%3i) %pM [%10s]: %u.%u/%u.%u MBit\n",
> -                      (curr_gw == gw_node ? "=>" : "  "),
> -                      gw_node->orig_node->orig,
> -                      router->bat_iv.tq_avg, router->addr,
> -                      router->if_incoming->net_dev->name,
> -                      gw_node->bandwidth_down / 10,
> -                      gw_node->bandwidth_down % 10,
> -                      gw_node->bandwidth_up / 10,
> -                      gw_node->bandwidth_up % 10);
> +     seq_printf(seq, "%s %pM (%3i) %pM [%10s]: %u.%u/%u.%u MBit\n",
> +                (curr_gw == gw_node ? "=>" : "  "),
> +                gw_node->orig_node->orig,
> +                router->bat_iv.tq_avg, router->addr,
> +                router->if_incoming->net_dev->name,
> +                gw_node->bandwidth_down / 10,
> +                gw_node->bandwidth_down % 10,
> +                gw_node->bandwidth_up / 10,
> +                gw_node->bandwidth_up % 10);
>  
>       batadv_neigh_node_free_ref(router);
>       if (curr_gw)
>               batadv_gw_node_free_ref(curr_gw);
> -out:
> -     return ret;
> +
> +     return seq_overflow(seq);

... and this is utter junk.

This sucker should return 0.  Insufficiently large buffer will be handled
by caller, TYVM, if you give that caller a chance to do so.  Returning 1
from ->show() is a bug in almost all cases, and definitely so in this one.

Just in case somebody decides that above is worth copying: It Is Not.
Original code is buggy, plain and simple.  This one trades the older
bug ("fail with -EINVAL whenever the buffer is too small") with just as buggy
"silently skip an entry entirely whenever the buffer is too small".

Don't Do That.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/