Skip to content

Commit d1d2a2b

Browse files
committed
Fix a weird behavior of a function
The procfile_write prints the content what user writes into. However, when the content size is greater than or equal to PROCFS_MAX_SIZE, procfile_write will print nothing, because the index for appending the tail NULL character will be modulo to 0, which is an off-by-one error. This fixes the problem by changing the upper bound of procfs_buffer_size to (PROCFS_MAX_SIZE - 1), leaving one byte for NULL character. After the change, we can discard the modulo because the range of procfs_buffer_size is already between 0 and (PROCFS_MAX_SIZE - 1).
1 parent 1fc5305 commit d1d2a2b

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

examples/procfs2.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,13 +48,13 @@ static ssize_t procfile_write(struct file *file, const char __user *buff,
4848
size_t len, loff_t *off)
4949
{
5050
procfs_buffer_size = len;
51-
if (procfs_buffer_size > PROCFS_MAX_SIZE)
52-
procfs_buffer_size = PROCFS_MAX_SIZE;
51+
if (procfs_buffer_size >= PROCFS_MAX_SIZE)
52+
procfs_buffer_size = PROCFS_MAX_SIZE - 1;
5353

5454
if (copy_from_user(procfs_buffer, buff, procfs_buffer_size))
5555
return -EFAULT;
5656

57-
procfs_buffer[procfs_buffer_size & (PROCFS_MAX_SIZE - 1)] = '\0';
57+
procfs_buffer[procfs_buffer_size] = '\0';
5858
*off += procfs_buffer_size;
5959
pr_info("procfile write %s\n", procfs_buffer);
6060

0 commit comments

Comments
 (0)