diff mbox series

[12/19] bcache: fix input overflow to writeback_delay

Message ID	20190209045311.15677-13-colyli@suse.de (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-block-owner@kernel.org> From: Coly Li <colyli@suse.de> To: axboe@kernel.dk Cc: linux-bcache@vger.kernel.org, linux-block@vger.kernel.org, Coly Li <colyli@suse.de> Subject: [PATCH 12/19] bcache: fix input overflow to writeback_delay Date: Sat, 9 Feb 2019 12:53:04 +0800 Message-Id: <20190209045311.15677-13-colyli@suse.de> In-Reply-To: <20190209045311.15677-1-colyli@suse.de> References: <20190209045311.15677-1-colyli@suse.de> Sender: linux-block-owner@vger.kernel.org Precedence: bulk
Series	bcache patches for Linux v5.1 \| expand [00/19] bcache patches for Linux v5.1 [01/19] bcache: never writeback a discard operation [02/19] bcache: not use hard coded memset size in bch_cache_accounting_clear() [03/19] bcache: export backing_dev_name via sysfs [04/19] bcache: export backing_dev_uuid via sysfs [05/19] bcache: fix indentation issue, remove tabs on a hunk of code [06/19] bcache: treat stale && dirty keys as bad keys [07/19] bcache: improve sysfs_strtoul_clamp() [08/19] bcache: fix input integer overflow of congested threshold [09/19] bcache: fix input overflow to sequential_cutoff [10/19] bcache: add sysfs_strtoul_bool() for setting bit-field variables [11/19] bcache: use sysfs_strtoul_bool() to set bit-field variables [12/19] bcache: fix input overflow to writeback_delay [13/19] bcache: fix potential div-zero error of writeback_rate_i_term_inverse [14/19] bcache: fix potential div-zero error of writeback_rate_p_term_inverse [15/19] bcache: fix input overflow to writeback_rate_minimum [16/19] bcache: fix input overflow to journal_delay_ms [17/19] bcache: fix input overflow to cache set io_error_limit [18/19] bcache: fix input overflow to cache set sysfs file io_error_halflife [19/19] bcache: use (REQ_META\|REQ_PRIO) to indicate bio for metadata

Commit Message

Coly Li Feb. 9, 2019, 4:53 a.m. UTC

Sysfs file writeback_delay is used to configure dc->writeback_delay
which is type unsigned int. But bcache code uses sysfs_strtoul() to
convert the input string, therefore it might be overflowed if the input
value is too large. E.g. input value is 4294967296 but indeed 0 is
set to dc->writeback_delay.

This patch uses sysfs_strtoul_clamp() to convert the input string and
set the result value range in [0, UINT_MAX] to avoid such unsigned
integer overflow.

Signed-off-by: Coly Li <colyli@suse.de>
---
 drivers/md/bcache/sysfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff mbox series

Patch

diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c
index 57395e23747a..e4519326594f 100644
--- a/drivers/md/bcache/sysfs.c
+++ b/drivers/md/bcache/sysfs.c
@@ -280,7 +280,7 @@  STORE(__cached_dev)
 	sysfs_strtoul_bool(bypass_torture_test, dc->bypass_torture_test);
 	sysfs_strtoul_bool(writeback_metadata, dc->writeback_metadata);
 	sysfs_strtoul_bool(writeback_running, dc->writeback_running);
-	d_strtoul(writeback_delay);
+	sysfs_strtoul_clamp(writeback_delay, dc->writeback_delay, 0, UINT_MAX);
 
 	sysfs_strtoul_clamp(writeback_percent, dc->writeback_percent,
 			    0, bch_cutoff_writeback);