diff options
| author |   Coly Li <colyli@suse.de> | 2019-02-09 12:53:00 +0800 |
|---|---|---|
| committer |   Jens Axboe <axboe@kernel.dk> | 2019-02-09 07:18:31 -0700 |
| commit | f54478c6e226bb1540a3e58366601039dfd778e2 (patch) | |
| tree | 1a1ee0684bdad2647fbdb03a2ac479eec772a8e9 | |
| parent | bcache: improve sysfs_strtoul_clamp() (diff) | |
| download | linux-dev-f54478c6e226bb1540a3e58366601039dfd778e2.tar.xz linux-dev-f54478c6e226bb1540a3e58366601039dfd778e2.zip | |
bcache: fix input integer overflow of congested threshold
Cache set congested threshold values congested_read_threshold_us and
congested_write_threshold_us can be set via sysfs interface. These
two values are 'unsigned int' type, but sysfs interface uses strtoul
to convert input string. So if people input a large number like
9999999999, the value indeed set is 1410065407, which is not expected
behavior.
This patch replaces sysfs_strtoul() by sysfs_strtoul_clamp() when
convert input string to unsigned int value, and set value range in
[0, UINT_MAX], to avoid the above integer overflow errors.
Signed-off-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
| -rw-r--r-- | drivers/md/bcache/sysfs.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c index 9be27b26d300..bedd3e68fd29 100644 --- a/drivers/md/bcache/sysfs.c +++ b/drivers/md/bcache/sysfs.c @@ -778,10 +778,12 @@ STORE(__bch_cache_set) c->shrink.scan_objects(&c->shrink, &sc); } - sysfs_strtoul(congested_read_threshold_us, - c->congested_read_threshold_us); - sysfs_strtoul(congested_write_threshold_us, - c->congested_write_threshold_us); + sysfs_strtoul_clamp(congested_read_threshold_us, + c->congested_read_threshold_us, + 0, UINT_MAX); + sysfs_strtoul_clamp(congested_write_threshold_us, + c->congested_write_threshold_us, + 0, UINT_MAX); if (attr == &sysfs_errors) { v = __sysfs_match_string(error_actions, -1, buf); |