Replace strlen(fn) with strnlen(fn, NAME_MAX + 1) when validating the
final path component in __proc_create().
This preserves the existing name limit while bounding the length scan to
one byte past the maximum name length. Handle empty names separately, and
treat names longer than NAME_MAX as too long.
Link: https://lore.kernel.org/20260421122648.56723-2-thorsten.blum@linux.dev
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Reviewed-by: Jan Kara <jack@suse.cz>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Thorsten Blum <thorsten.blum@linux.dev>
Cc: wangzijie <wangzijie1@honor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
if (xlate_proc_name(name, parent, &fn) != 0)
goto out;
qstr.name = fn;
- qstr.len = strlen(fn);
- if (qstr.len == 0 || qstr.len >= 256) {
- WARN(1, "name len %u\n", qstr.len);
+ qstr.len = strnlen(fn, NAME_MAX + 1);
+ if (qstr.len == 0) {
+ WARN(1, "empty name\n");
+ return NULL;
+ }
+ if (qstr.len > NAME_MAX) {
+ WARN(1, "name too long\n");
return NULL;
}
if (qstr.len == 1 && fn[0] == '.') {
projects / thirdparty / linux.git / commitdiff
