Fix a weird behavior of a function

The procfile_write prints the content what user writes into. However,
when the content size is greater than or equal to PROCFS_MAX_SIZE,
procfile_write will print nothing, because the index for appending the
tail NULL character will be modulo to 0, which is an off-by-one error.

This fixes the problem by changing the upper bound of procfs_buffer_size
to (PROCFS_MAX_SIZE - 1), leaving one byte for NULL character. After
the change, we can discard the modulo because the range of
procfs_buffer_size is already between 0 and (PROCFS_MAX_SIZE - 1).
This commit is contained in:
Bob Lee 2024-10-06 23:41:10 +08:00
parent 1fc5305714
commit d1d2a2b031
No known key found for this signature in database
GPG Key ID: 0DA954476306EEFA

View File

@ -48,13 +48,13 @@ static ssize_t procfile_write(struct file *file, const char __user *buff,
size_t len, loff_t *off) size_t len, loff_t *off)
{ {
procfs_buffer_size = len; procfs_buffer_size = len;
if (procfs_buffer_size > PROCFS_MAX_SIZE) if (procfs_buffer_size >= PROCFS_MAX_SIZE)
procfs_buffer_size = PROCFS_MAX_SIZE; procfs_buffer_size = PROCFS_MAX_SIZE - 1;
if (copy_from_user(procfs_buffer, buff, procfs_buffer_size)) if (copy_from_user(procfs_buffer, buff, procfs_buffer_size))
return -EFAULT; return -EFAULT;
procfs_buffer[procfs_buffer_size & (PROCFS_MAX_SIZE - 1)] = '\0'; procfs_buffer[procfs_buffer_size] = '\0';
*off += procfs_buffer_size; *off += procfs_buffer_size;
pr_info("procfile write %s\n", procfs_buffer); pr_info("procfile write %s\n", procfs_buffer);