if (name) {
struct kdbus_name_entry *e;
+ if (!kdbus_check_strlen(cmd_info, name)) {
+ ret = -EINVAL;
+ goto exit_free;
+ }
+
e = kdbus_name_lookup(conn->ep->bus->name_registry, name);
if (!e) {
ret = -ENOENT;
copy_to_user(_sz, _s, sizeof(__u64)); \
})
+/**
+ * kdbus_check_strlen - check length of a string at the end a structure
+ * @_p: A pointer to a structure that has a size member and
+ * a variable string at its end
+ * @_s: The name of the dynamically sized string member
+ *
+ * Returns: 1 if the string's end marker is withing the struct, or 0 otherwise.
+ */
+#define kdbus_check_strlen(_p, _s) \
+({ \
+ size_t _max = (_p)->size - offsetof(typeof(*(_p)), _s); \
+ _max == 0 || strnlen((_p)->_s, _max) != _max; \
+})
+
/**
* kdbus_validate_nul - check the validity of a sized string
* @s: String
if (IS_ERR(cmd_name))
return PTR_ERR(cmd_name);
- if (!kdbus_name_is_valid(cmd_name->name)) {
+ if (!kdbus_check_strlen(cmd_name, name) ||
+ !kdbus_name_is_valid(cmd_name->name)) {
ret = -EINVAL;
goto exit_free;
}
projects / platform / core / system / kdbus-bus.git / commitdiff