summaryrefslogtreecommitdiff
path: root/drivers/md/bcache/sysfs.c
diff options
context:
space:
mode:
authorColy Li <colyli@suse.de>2019-02-09 07:53:00 +0300
committerJens Axboe <axboe@kernel.dk>2019-02-09 17:18:31 +0300
commitf54478c6e226bb1540a3e58366601039dfd778e2 (patch)
tree1a1ee0684bdad2647fbdb03a2ac479eec772a8e9 /drivers/md/bcache/sysfs.c
parent596b5a5dd1bc2fa019fdaaae522ef331deef927f (diff)
downloadlinux-f54478c6e226bb1540a3e58366601039dfd778e2.tar.xz
bcache: fix input integer overflow of congested threshold
Cache set congested threshold values congested_read_threshold_us and congested_write_threshold_us can be set via sysfs interface. These two values are 'unsigned int' type, but sysfs interface uses strtoul to convert input string. So if people input a large number like 9999999999, the value indeed set is 1410065407, which is not expected behavior. This patch replaces sysfs_strtoul() by sysfs_strtoul_clamp() when convert input string to unsigned int value, and set value range in [0, UINT_MAX], to avoid the above integer overflow errors. Signed-off-by: Coly Li <colyli@suse.de> Signed-off-by: Jens Axboe <axboe@kernel.dk>
Diffstat (limited to 'drivers/md/bcache/sysfs.c')
-rw-r--r--drivers/md/bcache/sysfs.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c
index 9be27b26d300..bedd3e68fd29 100644
--- a/drivers/md/bcache/sysfs.c
+++ b/drivers/md/bcache/sysfs.c
@@ -778,10 +778,12 @@ STORE(__bch_cache_set)
c->shrink.scan_objects(&c->shrink, &sc);
}
- sysfs_strtoul(congested_read_threshold_us,
- c->congested_read_threshold_us);
- sysfs_strtoul(congested_write_threshold_us,
- c->congested_write_threshold_us);
+ sysfs_strtoul_clamp(congested_read_threshold_us,
+ c->congested_read_threshold_us,
+ 0, UINT_MAX);
+ sysfs_strtoul_clamp(congested_write_threshold_us,
+ c->congested_write_threshold_us,
+ 0, UINT_MAX);
if (attr == &sysfs_errors) {
v = __sysfs_match_string(error_actions, -1, buf);