devfreq: add error check for sscanf in userspace governor
diff mbox

Message ID 1502111205-22560-2-git-send-email-gsantosh@codeaurora.org
State Deferred
Headers show

Commit Message

gsantosh@codeaurora.org Aug. 7, 2017, 1:06 p.m. UTC
store_freq function of devfreq userspace governor
executes further, even if error is returned from sscanf,
this will result in setting up wrong frequency value.

Add proper error check to bail out if any error is returned.

Signed-off-by: Santosh Mardi <gsantosh@codeaurora.org>
---
 drivers/devfreq/governor_userspace.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

MyungJoo Ham Aug. 8, 2017, 12:14 a.m. UTC | #1
> store_freq function of devfreq userspace governor
> executes further, even if error is returned from sscanf,
> this will result in setting up wrong frequency value.
> 
> Add proper error check to bail out if any error is returned.
> 
> Signed-off-by: Santosh Mardi <gsantosh@codeaurora.org>

Acked-by: MyungJoo Ham <myungjoo.ham@samsung.com>

> ---
>  drivers/devfreq/governor_userspace.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
Chanwoo Choi Aug. 8, 2017, 12:51 a.m. UTC | #2
Hi,

On 2017년 08월 07일 22:06, Santosh Mardi wrote:
> store_freq function of devfreq userspace governor
> executes further, even if error is returned from sscanf,
> this will result in setting up wrong frequency value.
> 
> Add proper error check to bail out if any error is returned.
> 
> Signed-off-by: Santosh Mardi <gsantosh@codeaurora.org>
> ---
>  drivers/devfreq/governor_userspace.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/devfreq/governor_userspace.c b/drivers/devfreq/governor_userspace.c
> index 77028c2..1d0c9cc 100644
> --- a/drivers/devfreq/governor_userspace.c
> +++ b/drivers/devfreq/governor_userspace.c
> @@ -53,12 +53,15 @@ static ssize_t store_freq(struct device *dev, struct device_attribute *attr,
>  	mutex_lock(&devfreq->lock);
>  	data = devfreq->data;
>  
> -	sscanf(buf, "%lu", &wanted);
> +	err = sscanf(buf, "%lu", &wanted);
> +	if (err != 1)
> +		goto out;
>  	data->user_frequency = wanted;
>  	data->valid = true;
>  	err = update_devfreq(devfreq);
>  	if (err == 0)
>  		err = count;
> +out:
>  	mutex_unlock(&devfreq->lock);
>  	return err;
>  }
> 

Looks good to me.
Reviewed-by: Chanwoo Choi <cw00.choi@samsung.com>
Pavan Kondeti Aug. 8, 2017, 6:56 a.m. UTC | #3
Hi Santosh,

On Mon, Aug 7, 2017 at 6:36 PM, Santosh Mardi <gsantosh@codeaurora.org> wrote:
> store_freq function of devfreq userspace governor
> executes further, even if error is returned from sscanf,
> this will result in setting up wrong frequency value.
>
> Add proper error check to bail out if any error is returned.
>
> Signed-off-by: Santosh Mardi <gsantosh@codeaurora.org>
> ---
>  drivers/devfreq/governor_userspace.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/devfreq/governor_userspace.c b/drivers/devfreq/governor_userspace.c
> index 77028c2..1d0c9cc 100644
> --- a/drivers/devfreq/governor_userspace.c
> +++ b/drivers/devfreq/governor_userspace.c
> @@ -53,12 +53,15 @@ static ssize_t store_freq(struct device *dev, struct device_attribute *attr,
>         mutex_lock(&devfreq->lock);
>         data = devfreq->data;
>
> -       sscanf(buf, "%lu", &wanted);
> +       err = sscanf(buf, "%lu", &wanted);
> +       if (err != 1)
> +               goto out;

You can save this goto statement by moving this sscanf checking to
before taking the mutex.

>         data->user_frequency = wanted;
>         data->valid = true;
>         err = update_devfreq(devfreq);
>         if (err == 0)
>                 err = count;
> +out:
>         mutex_unlock(&devfreq->lock);
>         return err;
>  }
> --
> 1.9.1
>
Saravana Kannan Aug. 8, 2017, 7:26 p.m. UTC | #4
On 08/07/2017 11:56 PM, Pavan Kondeti wrote:
> Hi Santosh,
>
> On Mon, Aug 7, 2017 at 6:36 PM, Santosh Mardi <gsantosh@codeaurora.org> wrote:
>> store_freq function of devfreq userspace governor
>> executes further, even if error is returned from sscanf,
>> this will result in setting up wrong frequency value.
>>
>> Add proper error check to bail out if any error is returned.
>>
>> Signed-off-by: Santosh Mardi <gsantosh@codeaurora.org>
>> ---
>>   drivers/devfreq/governor_userspace.c | 5 ++++-
>>   1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/devfreq/governor_userspace.c b/drivers/devfreq/governor_userspace.c
>> index 77028c2..1d0c9cc 100644
>> --- a/drivers/devfreq/governor_userspace.c
>> +++ b/drivers/devfreq/governor_userspace.c
>> @@ -53,12 +53,15 @@ static ssize_t store_freq(struct device *dev, struct device_attribute *attr,
>>          mutex_lock(&devfreq->lock);
>>          data = devfreq->data;
>>
>> -       sscanf(buf, "%lu", &wanted);
>> +       err = sscanf(buf, "%lu", &wanted);

Also, we could just use kstroul().

>> +       if (err != 1)
>> +               goto out;
>
> You can save this goto statement by moving this sscanf checking to
> before taking the mutex.
>
>>          data->user_frequency = wanted;
>>          data->valid = true;
>>          err = update_devfreq(devfreq);
>>          if (err == 0)
>>                  err = count;
>> +out:
>>          mutex_unlock(&devfreq->lock);
>>          return err;
>>   }
>> --
>> 1.9.1
>>

-Saravana

Patch
diff mbox

diff --git a/drivers/devfreq/governor_userspace.c b/drivers/devfreq/governor_userspace.c
index 77028c2..1d0c9cc 100644
--- a/drivers/devfreq/governor_userspace.c
+++ b/drivers/devfreq/governor_userspace.c
@@ -53,12 +53,15 @@  static ssize_t store_freq(struct device *dev, struct device_attribute *attr,
 	mutex_lock(&devfreq->lock);
 	data = devfreq->data;
 
-	sscanf(buf, "%lu", &wanted);
+	err = sscanf(buf, "%lu", &wanted);
+	if (err != 1)
+		goto out;
 	data->user_frequency = wanted;
 	data->valid = true;
 	err = update_devfreq(devfreq);
 	if (err == 0)
 		err = count;
+out:
 	mutex_unlock(&devfreq->lock);
 	return err;
 }