Re: uevent buffer overflow in input layer

From: Greg KH
Date: Tue Jan 24 2006 - 00:02:46 EST


On Mon, Jan 23, 2006 at 10:43:41AM +1100, Benjamin Herrenschmidt wrote:
> Current -git as of today does this on an x86 box with a logitech USB
> keyboard:
>
> (the $$$ is debug stuff I added to print_modalias(), size is the size
> passed in and "Total len" is the value of "len" before returning). We
> end up overflowing, thus we pass a negative size to snprintf which
> causes the WARN_ON. Bumping the uevent buffer size in lib/kobject_uevent.c
> from 1024 to 2048 seems to fix the oops and /dev/input/mice is now properly
> created and works (it doesn't without the fix, X fails and we end up back
> in console with a dead keyboard).
>
> I'm not sure it's the correct solution as I'm not too familiar with the
> uevent code though, so I'll let you guys decide on the proper approach.

Yes, input has some big strings, I'd recommend bumping it up like you
suggest.

Care to make up a patch as you found the problem and should get the
credit? :)

thanks,

greg k-h
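
Added example, not part of the original thread and not kernel code: the accumulation pattern behind the report, where `len` grows by `snprintf()`'s return value (the length the output would have had) until `size - len` goes negative, next to a form that checks for truncation. The function names, the 16-byte buffer and the `"%X,"` entries are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Pattern from the report: len accumulates snprintf()'s return value, which
 * is the length the output WOULD have had, so it can run past size.
 * Returns size - len when the loop stops; a negative result is the
 * "negative size" the next snprintf() call would have been handed. */
static int append_unchecked(char *buf, int size, int entries)
{
    int len = 0;
    for (int i = 0; i < entries; i++) {
        if (size - len < 0)
            break;                  /* stop rather than pass a negative size */
        len += snprintf(buf + len, (size_t)(size - len), "%X,", 0x100 + i);
    }
    return size - len;
}

/* Checked form: detect truncation, undo the partial entry, report failure.
 * Returns bytes stored (excluding the NUL) or -1 if the entries do not fit. */
static int append_checked(char *buf, int size, int entries)
{
    int len = 0;
    for (int i = 0; i < entries; i++) {
        int room = size - len;      /* invariant: room >= 1 */
        int n = snprintf(buf + len, (size_t)room, "%X,", 0x100 + i);
        if (n < 0 || n >= room) {
            buf[len] = '\0';        /* drop the truncated entry */
            return -1;
        }
        len += n;
    }
    return len;
}

int main(void)
{
    char buf[16];                   /* constructed: tiny stand-in for the uevent buffer */
    printf("unchecked remaining: %d\n", append_unchecked(buf, sizeof buf, 10));
    printf("checked result: %d\n", append_checked(buf, sizeof buf, 10));
    printf("kept: \"%s\" (%zu bytes)\n", buf, strlen(buf));
    return 0;
}
```

Raising the buffer size, as suggested in the thread, moves the point at which the unchecked form goes negative; the truncation check is what turns an oversized string into a reported error.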