mirror of
https://github.com/sysprog21/lkmpg.git
synced 2024-11-24 10:40:51 +08:00
Fix a weird behavior of a function
The procfile_write prints the content what user writes into. However, when the content size is greater than or equal to PROCFS_MAX_SIZE, procfile_write will print nothing, because the index for appending the tail NULL character will be modulo to 0, which is an off-by-one error. This fixes the problem by changing the upper bound of procfs_buffer_size to (PROCFS_MAX_SIZE - 1), leaving one byte for NULL character. After the change, we can discard the modulo because the range of procfs_buffer_size is already between 0 and (PROCFS_MAX_SIZE - 1).
This commit is contained in:
parent
1fc5305714
commit
d1d2a2b031
|
@ -48,13 +48,13 @@ static ssize_t procfile_write(struct file *file, const char __user *buff,
|
||||||
size_t len, loff_t *off)
|
size_t len, loff_t *off)
|
||||||
{
|
{
|
||||||
procfs_buffer_size = len;
|
procfs_buffer_size = len;
|
||||||
if (procfs_buffer_size > PROCFS_MAX_SIZE)
|
if (procfs_buffer_size >= PROCFS_MAX_SIZE)
|
||||||
procfs_buffer_size = PROCFS_MAX_SIZE;
|
procfs_buffer_size = PROCFS_MAX_SIZE - 1;
|
||||||
|
|
||||||
if (copy_from_user(procfs_buffer, buff, procfs_buffer_size))
|
if (copy_from_user(procfs_buffer, buff, procfs_buffer_size))
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
|
|
||||||
procfs_buffer[procfs_buffer_size & (PROCFS_MAX_SIZE - 1)] = '\0';
|
procfs_buffer[procfs_buffer_size] = '\0';
|
||||||
*off += procfs_buffer_size;
|
*off += procfs_buffer_size;
|
||||||
pr_info("procfile write %s\n", procfs_buffer);
|
pr_info("procfile write %s\n", procfs_buffer);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user