2008-08-31 22:13:54 +07:00
|
|
|
/*
|
|
|
|
* Helpers for formatting and printing strings
|
|
|
|
*
|
|
|
|
* Copyright 31 August 2008 James Bottomley
|
2013-05-01 05:27:30 +07:00
|
|
|
* Copyright (C) 2013, Intel Corporation
|
2008-08-31 22:13:54 +07:00
|
|
|
*/
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
#include <linux/bug.h>
|
2008-08-31 22:13:54 +07:00
|
|
|
#include <linux/kernel.h>
|
|
|
|
#include <linux/math64.h>
|
2011-11-17 09:29:17 +07:00
|
|
|
#include <linux/export.h>
|
2013-05-01 05:27:30 +07:00
|
|
|
#include <linux/ctype.h>
|
2014-10-14 05:55:16 +07:00
|
|
|
#include <linux/errno.h>
|
|
|
|
#include <linux/string.h>
|
2008-08-31 22:13:54 +07:00
|
|
|
#include <linux/string_helpers.h>
|
|
|
|
|
|
|
|
/**
|
|
|
|
* string_get_size - get the size in the specified units
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
* @size: The size to be converted in blocks
|
|
|
|
* @blk_size: Size of the block (use 1 for size in bytes)
|
2008-08-31 22:13:54 +07:00
|
|
|
* @units: units to use (powers of 1000 or 1024)
|
|
|
|
* @buf: buffer to format to
|
|
|
|
* @len: length of buffer
|
|
|
|
*
|
|
|
|
* This function returns a string formatted to 3 significant figures
|
2015-02-13 06:01:50 +07:00
|
|
|
* giving the size in the required units. @buf should have room for
|
|
|
|
* at least 9 bytes and will always be zero terminated.
|
2008-08-31 22:13:54 +07:00
|
|
|
*
|
|
|
|
*/
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
void string_get_size(u64 size, u64 blk_size, const enum string_size_units units,
|
2015-02-13 06:01:50 +07:00
|
|
|
char *buf, int len)
|
2008-08-31 22:13:54 +07:00
|
|
|
{
|
2014-08-07 06:09:31 +07:00
|
|
|
static const char *const units_10[] = {
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
"B", "kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"
|
2014-08-07 06:09:31 +07:00
|
|
|
};
|
|
|
|
static const char *const units_2[] = {
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
"B", "KiB", "MiB", "GiB", "TiB", "PiB", "EiB", "ZiB", "YiB"
|
2014-08-07 06:09:31 +07:00
|
|
|
};
|
|
|
|
static const char *const *const units_str[] = {
|
|
|
|
[STRING_UNITS_10] = units_10,
|
2008-08-31 22:13:54 +07:00
|
|
|
[STRING_UNITS_2] = units_2,
|
|
|
|
};
|
2012-05-30 05:07:32 +07:00
|
|
|
static const unsigned int divisor[] = {
|
2008-08-31 22:13:54 +07:00
|
|
|
[STRING_UNITS_10] = 1000,
|
|
|
|
[STRING_UNITS_2] = 1024,
|
|
|
|
};
|
|
|
|
int i, j;
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
u32 remainder = 0, sf_cap, exp;
|
2008-08-31 22:13:54 +07:00
|
|
|
char tmp[8];
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
const char *unit;
|
2008-08-31 22:13:54 +07:00
|
|
|
|
|
|
|
tmp[0] = '\0';
|
2008-10-15 01:34:21 +07:00
|
|
|
i = 0;
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
if (!size)
|
|
|
|
goto out;
|
2008-08-31 22:13:54 +07:00
|
|
|
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
while (blk_size >= divisor[units]) {
|
|
|
|
remainder = do_div(blk_size, divisor[units]);
|
|
|
|
i++;
|
|
|
|
}
|
|
|
|
|
|
|
|
exp = divisor[units] / (u32)blk_size;
|
lib/string_helpers.c: fix infinite loop in string_get_size()
Some string_get_size() calls (e.g.:
string_get_size(1, 512, STRING_UNITS_10, ..., ...)
string_get_size(15, 64, STRING_UNITS_10, ..., ...)
) result in an infinite loop. The problem is that if size is equal to
divisor[units]/blk_size and is smaller than divisor[units] we'll end
up with size == 0 when we start doing sf_cap calculations:
For string_get_size(1, 512, STRING_UNITS_10, ..., ...) case:
...
remainder = do_div(size, divisor[units]); -> size is 0, remainder is 1
remainder *= blk_size; -> remainder is 512
...
size *= blk_size; -> size is still 0
size += remainder / divisor[units]; -> size is still 0
The caller causing the issue is sd_read_capacity(), the problem was
noticed on Hyper-V, such weird size was reported by host when scanning
collides with device removal. This is probably a separate issue worth
fixing, this patch is intended to prevent the library routine from
infinite looping.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Acked-by: James Bottomley <JBottomley@Odin.com>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: "K. Y. Srinivasan" <kys@microsoft.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-09-18 06:01:51 +07:00
|
|
|
/*
|
|
|
|
* size must be strictly greater than exp here to ensure that remainder
|
|
|
|
* is greater than divisor[units] coming out of the if below.
|
|
|
|
*/
|
|
|
|
if (size > exp) {
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
remainder = do_div(size, divisor[units]);
|
|
|
|
remainder *= blk_size;
|
|
|
|
i++;
|
|
|
|
} else {
|
|
|
|
remainder *= size;
|
|
|
|
}
|
|
|
|
|
|
|
|
size *= blk_size;
|
|
|
|
size += remainder / divisor[units];
|
|
|
|
remainder %= divisor[units];
|
2008-08-31 22:13:54 +07:00
|
|
|
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
while (size >= divisor[units]) {
|
|
|
|
remainder = do_div(size, divisor[units]);
|
|
|
|
i++;
|
2008-08-31 22:13:54 +07:00
|
|
|
}
|
|
|
|
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
sf_cap = size;
|
|
|
|
for (j = 0; sf_cap*10 < 1000; j++)
|
|
|
|
sf_cap *= 10;
|
|
|
|
|
|
|
|
if (j) {
|
|
|
|
remainder *= 1000;
|
|
|
|
remainder /= divisor[units];
|
|
|
|
snprintf(tmp, sizeof(tmp), ".%03u", remainder);
|
|
|
|
tmp[j+1] = '\0';
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
if (i >= ARRAY_SIZE(units_2))
|
|
|
|
unit = "UNK";
|
|
|
|
else
|
|
|
|
unit = units_str[units][i];
|
|
|
|
|
2015-02-13 06:01:48 +07:00
|
|
|
snprintf(buf, len, "%u%s %s", (u32)size,
|
sd, mmc, virtio_blk, string_helpers: fix block size units
The current string_get_size() overflows when the device size goes over
2^64 bytes because the string helper routine computes the suffix from
the size in bytes. However, the entirety of Linux thinks in terms of
blocks, not bytes, so this will artificially induce an overflow on very
large devices. Fix this by making the function string_get_size() take
blocks and the block size instead of bytes. This should allow us to
keep working until the current SCSI standard overflows.
Also fix virtio_blk and mmc (both of which were also artificially
multiplying by the block size to pass a byte side to string_get_size()).
The mathematics of this is pretty simple: we're taking a product of
size in blocks (S) and block size (B) and trying to re-express this in
exponential form: S*B = R*N^E (where N, the exponent is either 1000 or
1024) and R < N. Mathematically, S = RS*N^ES and B=RB*N^EB, so if RS*RB
< N it's easy to see that S*B = RS*RB*N^(ES+EB). However, if RS*BS > N,
we can see that this can be re-expressed as RS*BS = R*N (where R =
RS*BS/N < N) so the whole exponent becomes R*N^(ES+EB+1)
[jejb: fix incorrect 32 bit do_div spotted by kbuild test robot <fengguang.wu@intel.com>]
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Bottomley <JBottomley@Odin.com>
2015-03-06 09:47:01 +07:00
|
|
|
tmp, unit);
|
2008-08-31 22:13:54 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(string_get_size);
|
2013-05-01 05:27:30 +07:00
|
|
|
|
|
|
|
static bool unescape_space(char **src, char **dst)
|
|
|
|
{
|
|
|
|
char *p = *dst, *q = *src;
|
|
|
|
|
|
|
|
switch (*q) {
|
|
|
|
case 'n':
|
|
|
|
*p = '\n';
|
|
|
|
break;
|
|
|
|
case 'r':
|
|
|
|
*p = '\r';
|
|
|
|
break;
|
|
|
|
case 't':
|
|
|
|
*p = '\t';
|
|
|
|
break;
|
|
|
|
case 'v':
|
|
|
|
*p = '\v';
|
|
|
|
break;
|
|
|
|
case 'f':
|
|
|
|
*p = '\f';
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
*dst += 1;
|
|
|
|
*src += 1;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool unescape_octal(char **src, char **dst)
|
|
|
|
{
|
|
|
|
char *p = *dst, *q = *src;
|
|
|
|
u8 num;
|
|
|
|
|
|
|
|
if (isodigit(*q) == 0)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
num = (*q++) & 7;
|
|
|
|
while (num < 32 && isodigit(*q) && (q - *src < 3)) {
|
|
|
|
num <<= 3;
|
|
|
|
num += (*q++) & 7;
|
|
|
|
}
|
|
|
|
*p = num;
|
|
|
|
*dst += 1;
|
|
|
|
*src = q;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool unescape_hex(char **src, char **dst)
|
|
|
|
{
|
|
|
|
char *p = *dst, *q = *src;
|
|
|
|
int digit;
|
|
|
|
u8 num;
|
|
|
|
|
|
|
|
if (*q++ != 'x')
|
|
|
|
return false;
|
|
|
|
|
|
|
|
num = digit = hex_to_bin(*q++);
|
|
|
|
if (digit < 0)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
digit = hex_to_bin(*q);
|
|
|
|
if (digit >= 0) {
|
|
|
|
q++;
|
|
|
|
num = (num << 4) | digit;
|
|
|
|
}
|
|
|
|
*p = num;
|
|
|
|
*dst += 1;
|
|
|
|
*src = q;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool unescape_special(char **src, char **dst)
|
|
|
|
{
|
|
|
|
char *p = *dst, *q = *src;
|
|
|
|
|
|
|
|
switch (*q) {
|
|
|
|
case '\"':
|
|
|
|
*p = '\"';
|
|
|
|
break;
|
|
|
|
case '\\':
|
|
|
|
*p = '\\';
|
|
|
|
break;
|
|
|
|
case 'a':
|
|
|
|
*p = '\a';
|
|
|
|
break;
|
|
|
|
case 'e':
|
|
|
|
*p = '\e';
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
*dst += 1;
|
|
|
|
*src += 1;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-10-14 05:55:11 +07:00
|
|
|
/**
|
|
|
|
* string_unescape - unquote characters in the given string
|
|
|
|
* @src: source buffer (escaped)
|
|
|
|
* @dst: destination buffer (unescaped)
|
|
|
|
* @size: size of the destination buffer (0 to unlimit)
|
|
|
|
* @flags: combination of the flags (bitwise OR):
|
|
|
|
* %UNESCAPE_SPACE:
|
|
|
|
* '\f' - form feed
|
|
|
|
* '\n' - new line
|
|
|
|
* '\r' - carriage return
|
|
|
|
* '\t' - horizontal tab
|
|
|
|
* '\v' - vertical tab
|
|
|
|
* %UNESCAPE_OCTAL:
|
|
|
|
* '\NNN' - byte with octal value NNN (1 to 3 digits)
|
|
|
|
* %UNESCAPE_HEX:
|
|
|
|
* '\xHH' - byte with hexadecimal value HH (1 to 2 digits)
|
|
|
|
* %UNESCAPE_SPECIAL:
|
|
|
|
* '\"' - double quote
|
|
|
|
* '\\' - backslash
|
|
|
|
* '\a' - alert (BEL)
|
|
|
|
* '\e' - escape
|
|
|
|
* %UNESCAPE_ANY:
|
|
|
|
* all previous together
|
|
|
|
*
|
|
|
|
* Description:
|
|
|
|
* The function unquotes characters in the given string.
|
|
|
|
*
|
|
|
|
* Because the size of the output will be the same as or less than the size of
|
|
|
|
* the input, the transformation may be performed in place.
|
|
|
|
*
|
|
|
|
* Caller must provide valid source and destination pointers. Be aware that
|
|
|
|
* destination buffer will always be NULL-terminated. Source string must be
|
|
|
|
* NULL-terminated as well.
|
|
|
|
*
|
|
|
|
* Return:
|
|
|
|
* The amount of the characters processed to the destination buffer excluding
|
|
|
|
* trailing '\0' is returned.
|
|
|
|
*/
|
2013-05-01 05:27:30 +07:00
|
|
|
int string_unescape(char *src, char *dst, size_t size, unsigned int flags)
|
|
|
|
{
|
|
|
|
char *out = dst;
|
|
|
|
|
|
|
|
while (*src && --size) {
|
|
|
|
if (src[0] == '\\' && src[1] != '\0' && size > 1) {
|
|
|
|
src++;
|
|
|
|
size--;
|
|
|
|
|
|
|
|
if (flags & UNESCAPE_SPACE &&
|
|
|
|
unescape_space(&src, &out))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (flags & UNESCAPE_OCTAL &&
|
|
|
|
unescape_octal(&src, &out))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (flags & UNESCAPE_HEX &&
|
|
|
|
unescape_hex(&src, &out))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (flags & UNESCAPE_SPECIAL &&
|
|
|
|
unescape_special(&src, &out))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
*out++ = '\\';
|
|
|
|
}
|
|
|
|
*out++ = *src++;
|
|
|
|
}
|
|
|
|
*out = '\0';
|
|
|
|
|
|
|
|
return out - dst;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(string_unescape);
|
2014-10-14 05:55:16 +07:00
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
static bool escape_passthrough(unsigned char c, char **dst, char *end)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
|
|
|
char *out = *dst;
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
if (out < end)
|
|
|
|
*out = c;
|
|
|
|
*dst = out + 1;
|
|
|
|
return true;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
static bool escape_space(unsigned char c, char **dst, char *end)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
|
|
|
char *out = *dst;
|
|
|
|
unsigned char to;
|
|
|
|
|
|
|
|
switch (c) {
|
|
|
|
case '\n':
|
|
|
|
to = 'n';
|
|
|
|
break;
|
|
|
|
case '\r':
|
|
|
|
to = 'r';
|
|
|
|
break;
|
|
|
|
case '\t':
|
|
|
|
to = 't';
|
|
|
|
break;
|
|
|
|
case '\v':
|
|
|
|
to = 'v';
|
|
|
|
break;
|
|
|
|
case '\f':
|
|
|
|
to = 'f';
|
|
|
|
break;
|
|
|
|
default:
|
2015-04-16 06:17:25 +07:00
|
|
|
return false;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
if (out < end)
|
|
|
|
*out = '\\';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = to;
|
|
|
|
++out;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
*dst = out;
|
|
|
|
return true;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
static bool escape_special(unsigned char c, char **dst, char *end)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
|
|
|
char *out = *dst;
|
|
|
|
unsigned char to;
|
|
|
|
|
|
|
|
switch (c) {
|
|
|
|
case '\\':
|
|
|
|
to = '\\';
|
|
|
|
break;
|
|
|
|
case '\a':
|
|
|
|
to = 'a';
|
|
|
|
break;
|
|
|
|
case '\e':
|
|
|
|
to = 'e';
|
|
|
|
break;
|
|
|
|
default:
|
2015-04-16 06:17:25 +07:00
|
|
|
return false;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
if (out < end)
|
|
|
|
*out = '\\';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = to;
|
|
|
|
++out;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
*dst = out;
|
|
|
|
return true;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
static bool escape_null(unsigned char c, char **dst, char *end)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
|
|
|
char *out = *dst;
|
|
|
|
|
|
|
|
if (c)
|
2015-04-16 06:17:25 +07:00
|
|
|
return false;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
if (out < end)
|
|
|
|
*out = '\\';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = '0';
|
|
|
|
++out;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
*dst = out;
|
|
|
|
return true;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
static bool escape_octal(unsigned char c, char **dst, char *end)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
|
|
|
char *out = *dst;
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
if (out < end)
|
|
|
|
*out = '\\';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = ((c >> 6) & 0x07) + '0';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = ((c >> 3) & 0x07) + '0';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = ((c >> 0) & 0x07) + '0';
|
|
|
|
++out;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
|
|
|
*dst = out;
|
2015-04-16 06:17:25 +07:00
|
|
|
return true;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
static bool escape_hex(unsigned char c, char **dst, char *end)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
|
|
|
char *out = *dst;
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
if (out < end)
|
|
|
|
*out = '\\';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = 'x';
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = hex_asc_hi(c);
|
|
|
|
++out;
|
|
|
|
if (out < end)
|
|
|
|
*out = hex_asc_lo(c);
|
|
|
|
++out;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
|
|
|
*dst = out;
|
2015-04-16 06:17:25 +07:00
|
|
|
return true;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* string_escape_mem - quote characters in the given memory buffer
|
|
|
|
* @src: source buffer (unescaped)
|
|
|
|
* @isz: source buffer size
|
|
|
|
* @dst: destination buffer (escaped)
|
|
|
|
* @osz: destination buffer size
|
|
|
|
* @flags: combination of the flags (bitwise OR):
|
2015-09-10 05:37:14 +07:00
|
|
|
* %ESCAPE_SPACE: (special white space, not space itself)
|
2014-10-14 05:55:16 +07:00
|
|
|
* '\f' - form feed
|
|
|
|
* '\n' - new line
|
|
|
|
* '\r' - carriage return
|
|
|
|
* '\t' - horizontal tab
|
|
|
|
* '\v' - vertical tab
|
|
|
|
* %ESCAPE_SPECIAL:
|
|
|
|
* '\\' - backslash
|
|
|
|
* '\a' - alert (BEL)
|
|
|
|
* '\e' - escape
|
|
|
|
* %ESCAPE_NULL:
|
|
|
|
* '\0' - null
|
|
|
|
* %ESCAPE_OCTAL:
|
|
|
|
* '\NNN' - byte with octal value NNN (3 digits)
|
|
|
|
* %ESCAPE_ANY:
|
|
|
|
* all previous together
|
|
|
|
* %ESCAPE_NP:
|
|
|
|
* escape only non-printable characters (checked by isprint)
|
|
|
|
* %ESCAPE_ANY_NP:
|
|
|
|
* all previous together
|
|
|
|
* %ESCAPE_HEX:
|
|
|
|
* '\xHH' - byte with hexadecimal value HH (2 digits)
|
2015-09-10 05:37:16 +07:00
|
|
|
* @only: NULL-terminated string containing characters used to limit
|
|
|
|
* the selected escape class. If characters are included in @only
|
2015-09-10 05:37:14 +07:00
|
|
|
* that would not normally be escaped by the classes selected
|
|
|
|
* in @flags, they will be copied to @dst unescaped.
|
2014-10-14 05:55:16 +07:00
|
|
|
*
|
|
|
|
* Description:
|
|
|
|
* The process of escaping byte buffer includes several parts. They are applied
|
|
|
|
* in the following sequence.
|
|
|
|
* 1. The character is matched to the printable class, if asked, and in
|
|
|
|
* case of match it passes through to the output.
|
2015-09-10 05:37:16 +07:00
|
|
|
* 2. The character is not matched to the one from @only string and thus
|
2015-09-10 05:37:14 +07:00
|
|
|
* must go as-is to the output.
|
2014-10-14 05:55:16 +07:00
|
|
|
* 3. The character is checked if it falls into the class given by @flags.
|
|
|
|
* %ESCAPE_OCTAL and %ESCAPE_HEX are going last since they cover any
|
|
|
|
* character. Note that they actually can't go together, otherwise
|
|
|
|
* %ESCAPE_HEX will be ignored.
|
|
|
|
*
|
|
|
|
* Caller must provide valid source and destination pointers. Be aware that
|
|
|
|
* destination buffer will not be NULL-terminated, thus caller have to append
|
|
|
|
* it if needs.
|
|
|
|
*
|
|
|
|
* Return:
|
lib/string_helpers.c: change semantics of string_escape_mem
The current semantics of string_escape_mem are inadequate for one of its
current users, vsnprintf(). If that is to honour its contract, it must
know how much space would be needed for the entire escaped buffer, and
string_escape_mem provides no way of obtaining that (short of allocating a
large enough buffer (~4 times input string) to let it play with, and
that's definitely a big no-no inside vsnprintf).
So change the semantics for string_escape_mem to be more snprintf-like:
Return the size of the output that would be generated if the destination
buffer was big enough, but of course still only write to the part of dst
it is allowed to, and (contrary to snprintf) don't do '\0'-termination.
It is then up to the caller to detect whether output was truncated and to
append a '\0' if desired. Also, we must output partial escape sequences,
otherwise a call such as snprintf(buf, 3, "%1pE", "\123") would cause
printf to write a \0 to buf[2] but leaving buf[0] and buf[1] with whatever
they previously contained.
This also fixes a bug in the escaped_string() helper function, which used
to unconditionally pass a length of "end-buf" to string_escape_mem();
since the latter doesn't check osz for being insanely large, it would
happily write to dst. For example, kasprintf(GFP_KERNEL, "something and
then %pE", ...); is an easy way to trigger an oops.
In test-string_helpers.c, the -ENOMEM test is replaced with testing for
getting the expected return value even if the buffer is too small. We
also ensure that nothing is written (by relying on a NULL pointer deref)
if the output size is 0 by passing NULL - this has to work for
kasprintf("%pE") to work.
In net/sunrpc/cache.c, I think qword_add still has the same semantics.
Someone should definitely double-check this.
In fs/proc/array.c, I made the minimum possible change, but longer-term it
should stop poking around in seq_file internals.
[andriy.shevchenko@linux.intel.com: simplify qword_add]
[andriy.shevchenko@linux.intel.com: add missed curly braces]
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-16 06:17:28 +07:00
|
|
|
* The total size of the escaped output that would be generated for
|
|
|
|
* the given input and flags. To check whether the output was
|
|
|
|
* truncated, compare the return value to osz. There is room left in
|
|
|
|
* dst for a '\0' terminator if and only if ret < osz.
|
2014-10-14 05:55:16 +07:00
|
|
|
*/
|
lib/string_helpers.c: change semantics of string_escape_mem
The current semantics of string_escape_mem are inadequate for one of its
current users, vsnprintf(). If that is to honour its contract, it must
know how much space would be needed for the entire escaped buffer, and
string_escape_mem provides no way of obtaining that (short of allocating a
large enough buffer (~4 times input string) to let it play with, and
that's definitely a big no-no inside vsnprintf).
So change the semantics for string_escape_mem to be more snprintf-like:
Return the size of the output that would be generated if the destination
buffer was big enough, but of course still only write to the part of dst
it is allowed to, and (contrary to snprintf) don't do '\0'-termination.
It is then up to the caller to detect whether output was truncated and to
append a '\0' if desired. Also, we must output partial escape sequences,
otherwise a call such as snprintf(buf, 3, "%1pE", "\123") would cause
printf to write a \0 to buf[2] but leaving buf[0] and buf[1] with whatever
they previously contained.
This also fixes a bug in the escaped_string() helper function, which used
to unconditionally pass a length of "end-buf" to string_escape_mem();
since the latter doesn't check osz for being insanely large, it would
happily write to dst. For example, kasprintf(GFP_KERNEL, "something and
then %pE", ...); is an easy way to trigger an oops.
In test-string_helpers.c, the -ENOMEM test is replaced with testing for
getting the expected return value even if the buffer is too small. We
also ensure that nothing is written (by relying on a NULL pointer deref)
if the output size is 0 by passing NULL - this has to work for
kasprintf("%pE") to work.
In net/sunrpc/cache.c, I think qword_add still has the same semantics.
Someone should definitely double-check this.
In fs/proc/array.c, I made the minimum possible change, but longer-term it
should stop poking around in seq_file internals.
[andriy.shevchenko@linux.intel.com: simplify qword_add]
[andriy.shevchenko@linux.intel.com: add missed curly braces]
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-16 06:17:28 +07:00
|
|
|
int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
|
2015-09-10 05:37:16 +07:00
|
|
|
unsigned int flags, const char *only)
|
2014-10-14 05:55:16 +07:00
|
|
|
{
|
lib/string_helpers.c: change semantics of string_escape_mem
The current semantics of string_escape_mem are inadequate for one of its
current users, vsnprintf(). If that is to honour its contract, it must
know how much space would be needed for the entire escaped buffer, and
string_escape_mem provides no way of obtaining that (short of allocating a
large enough buffer (~4 times input string) to let it play with, and
that's definitely a big no-no inside vsnprintf).
So change the semantics for string_escape_mem to be more snprintf-like:
Return the size of the output that would be generated if the destination
buffer was big enough, but of course still only write to the part of dst
it is allowed to, and (contrary to snprintf) don't do '\0'-termination.
It is then up to the caller to detect whether output was truncated and to
append a '\0' if desired. Also, we must output partial escape sequences,
otherwise a call such as snprintf(buf, 3, "%1pE", "\123") would cause
printf to write a \0 to buf[2] but leaving buf[0] and buf[1] with whatever
they previously contained.
This also fixes a bug in the escaped_string() helper function, which used
to unconditionally pass a length of "end-buf" to string_escape_mem();
since the latter doesn't check osz for being insanely large, it would
happily write to dst. For example, kasprintf(GFP_KERNEL, "something and
then %pE", ...); is an easy way to trigger an oops.
In test-string_helpers.c, the -ENOMEM test is replaced with testing for
getting the expected return value even if the buffer is too small. We
also ensure that nothing is written (by relying on a NULL pointer deref)
if the output size is 0 by passing NULL - this has to work for
kasprintf("%pE") to work.
In net/sunrpc/cache.c, I think qword_add still has the same semantics.
Someone should definitely double-check this.
In fs/proc/array.c, I made the minimum possible change, but longer-term it
should stop poking around in seq_file internals.
[andriy.shevchenko@linux.intel.com: simplify qword_add]
[andriy.shevchenko@linux.intel.com: add missed curly braces]
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-16 06:17:28 +07:00
|
|
|
char *p = dst;
|
2015-04-16 06:17:25 +07:00
|
|
|
char *end = p + osz;
|
2015-09-10 05:37:16 +07:00
|
|
|
bool is_dict = only && *only;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
|
|
|
while (isz--) {
|
|
|
|
unsigned char c = *src++;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Apply rules in the following sequence:
|
|
|
|
* - the character is printable, when @flags has
|
|
|
|
* %ESCAPE_NP bit set
|
2015-09-10 05:37:16 +07:00
|
|
|
* - the @only string is supplied and does not contain a
|
2014-10-14 05:55:16 +07:00
|
|
|
* character under question
|
|
|
|
* - the character doesn't fall into a class of symbols
|
|
|
|
* defined by given @flags
|
|
|
|
* In these cases we just pass through a character to the
|
|
|
|
* output buffer.
|
|
|
|
*/
|
|
|
|
if ((flags & ESCAPE_NP && isprint(c)) ||
|
2015-09-10 05:37:16 +07:00
|
|
|
(is_dict && !strchr(only, c))) {
|
2014-10-14 05:55:16 +07:00
|
|
|
/* do nothing */
|
|
|
|
} else {
|
2015-04-16 06:17:25 +07:00
|
|
|
if (flags & ESCAPE_SPACE && escape_space(c, &p, end))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (flags & ESCAPE_SPECIAL && escape_special(c, &p, end))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (flags & ESCAPE_NULL && escape_null(c, &p, end))
|
|
|
|
continue;
|
2014-10-14 05:55:16 +07:00
|
|
|
|
|
|
|
/* ESCAPE_OCTAL and ESCAPE_HEX always go last */
|
2015-04-16 06:17:25 +07:00
|
|
|
if (flags & ESCAPE_OCTAL && escape_octal(c, &p, end))
|
2014-10-14 05:55:16 +07:00
|
|
|
continue;
|
2015-04-16 06:17:25 +07:00
|
|
|
|
|
|
|
if (flags & ESCAPE_HEX && escape_hex(c, &p, end))
|
2014-10-14 05:55:16 +07:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2015-04-16 06:17:25 +07:00
|
|
|
escape_passthrough(c, &p, end);
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
|
lib/string_helpers.c: change semantics of string_escape_mem
The current semantics of string_escape_mem are inadequate for one of its
current users, vsnprintf(). If that is to honour its contract, it must
know how much space would be needed for the entire escaped buffer, and
string_escape_mem provides no way of obtaining that (short of allocating a
large enough buffer (~4 times input string) to let it play with, and
that's definitely a big no-no inside vsnprintf).
So change the semantics for string_escape_mem to be more snprintf-like:
Return the size of the output that would be generated if the destination
buffer was big enough, but of course still only write to the part of dst
it is allowed to, and (contrary to snprintf) don't do '\0'-termination.
It is then up to the caller to detect whether output was truncated and to
append a '\0' if desired. Also, we must output partial escape sequences,
otherwise a call such as snprintf(buf, 3, "%1pE", "\123") would cause
printf to write a \0 to buf[2] but leaving buf[0] and buf[1] with whatever
they previously contained.
This also fixes a bug in the escaped_string() helper function, which used
to unconditionally pass a length of "end-buf" to string_escape_mem();
since the latter doesn't check osz for being insanely large, it would
happily write to dst. For example, kasprintf(GFP_KERNEL, "something and
then %pE", ...); is an easy way to trigger an oops.
In test-string_helpers.c, the -ENOMEM test is replaced with testing for
getting the expected return value even if the buffer is too small. We
also ensure that nothing is written (by relying on a NULL pointer deref)
if the output size is 0 by passing NULL - this has to work for
kasprintf("%pE") to work.
In net/sunrpc/cache.c, I think qword_add still has the same semantics.
Someone should definitely double-check this.
In fs/proc/array.c, I made the minimum possible change, but longer-term it
should stop poking around in seq_file internals.
[andriy.shevchenko@linux.intel.com: simplify qword_add]
[andriy.shevchenko@linux.intel.com: add missed curly braces]
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-16 06:17:28 +07:00
|
|
|
return p - dst;
|
2014-10-14 05:55:16 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(string_escape_mem);
|