Fix minor u64 read-in issue in devalarm
authorBarret Rhoden <brho@cs.berkeley.edu>
Tue, 22 Sep 2015 15:17:23 +0000 (11:17 -0400)
committerBarret Rhoden <brho@cs.berkeley.edu>
Mon, 28 Sep 2015 19:14:00 +0000 (15:14 -0400)
32 bits for buf is more than they should ever send in, but NUMSIZE64 is
more appropriate, now that it can handle leading "0x"es.  Also, we
should error out when n > sizeof, not >= sizeof.  This didn't matter
before we used NUMSIZE64.

These aren't a big deal, but since device code gets copied around, it's
worth fixing.

kern/drivers/dev/alarm.c

index 52bd8cd..f085abb 100644 (file)
@@ -355,7 +355,7 @@ static long alarmread(struct chan *c, void *ubuf, long n, int64_t offset)
 static long alarmwrite(struct chan *c, void *ubuf, long n, int64_t unused)
 {
        ERRSTACK(1);
-       char buf[32];
+       char num64[NUMSIZE64];
        struct cmdbuf *cb;
        struct proc_alarm *p_alarm;
        uint64_t hexval;
@@ -394,11 +394,13 @@ static long alarmwrite(struct chan *c, void *ubuf, long n, int64_t unused)
                case Qtimer:
                        /* want to give strtoul a null-terminated buf (can't handle random
                         * user strings) */
-                       if (n >= sizeof(buf))
-                               error(Egreg);
-                       memcpy(buf, ubuf, n);
-                       buf[n] = 0;
-                       hexval = strtoul(buf, 0, 16);
+                       if (n > sizeof(num64)) {
+                               set_errno(EINVAL);
+                               error("attempted to write %d chars, max %d", n, sizeof(num64));
+                       }
+                       memcpy(num64, ubuf, n);
+                       num64[n] = 0;   /* enforce trailing 0 */
+                       hexval = strtoul(num64, 0, 16);
                        p_alarm = QID2A(c->qid);
                        /* if you don't know if it was running or not, resetting will turn
                         * it on regardless. */
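Review bot: The relaxed bound `if (n > sizeof(num64))` in the Qtimer case lets n == sizeof(num64) through, and `num64[n] = 0;` then writes the terminator one byte past the end of the stack array. The buffer has to hold n bytes plus the NUL, so the comparison should stay `if (n >= sizeof(num64)) {`, with the message reporting `sizeof(num64) - 1` as the maximum. Separately, the new `error()` call passes a `long` and a `size_t` to two `%d` conversions; if error() follows printf conventions, the arguments should be cast or the specifiers changed to match those types. The switch and the rest of alarmwrite continue outside this hunk, so whether ubuf has already been validated as a user pointer before the `memcpy` is not visible here.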