/proc/sysvipc/shm: fix 32-bit truncation of segment sizes

sysvipc_shm_proc_show() picks between format strings (based on the expected maximum length of a SHM segment) in a way that prevents gcc from performing format checks on the seq_printf() parameters. This hid two format errors - shp->shm_segsz and shp->shm_nattach are both unsigned long, but were being printed as unsigned int and signed int respectively. This leads to 32-bit truncation of SHM segment sizes reported in /proc/sysvipc/shm. (And for nattach, but that's less of a problem for most users). This patch makes the format string directly visible to gcc's format specifier checker, and fixes the two broken format specifiers. Signed-off-by: Paul Menage <menage@google.com> Cc: Nadia Derbey <Nadia.Derbey@bull.net> Cc: Manfred Spraul <manfred@colorfullife.com> Cc: Pierre Peiffer <peifferp@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

/proc/sysvipc/shm: fix 32-bit truncation of segment sizes
sysvipc_shm_proc_show() picks between format strings (based on the expected maximum length of a SHM segment) in a way that prevents gcc from performing format checks on the seq_printf() parameters. This hid two format errors - shp->shm_segsz and shp->shm_nattach are both unsigned long, but were being printed as unsigned int and signed int respectively. This leads to 32-bit truncation of SHM segment sizes reported in /proc/sysvipc/shm. (And for nattach, but that's less of a problem for most users). This patch makes the format string directly visible to gcc's format specifier checker, and fixes the two broken format specifiers. Signed-off-by: Paul Menage <menage@google.com> Cc: Nadia Derbey <Nadia.Derbey@bull.net> Cc: Manfred Spraul <manfred@colorfullife.com> Cc: Pierre Peiffer <peifferp@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Paul Menage · Linus Torvalds
1 parent bcf8039ed4
Showing 1 changed file with 8 additions and 8 deletions Side-by-side Diff
ipc/shm.c
@@ -1058,16 +1058,16 @@
 static int sysvipc_shm_proc_show(struct seq_file *s, void *it)
 {
 	struct shmid_kernel *shp = it;
-	char *format;
  
-#define SMALL_STRING "%10d %10d  %4o %10u %5u %5u  %5d %5u %5u %5u %5u %10lu %10lu %10lu\n"
-#define BIG_STRING   "%10d %10d  %4o %21u %5u %5u  %5d %5u %5u %5u %5u %10lu %10lu %10lu\n"
+#if BITS_PER_LONG <= 32
+#define SIZE_SPEC "%10lu"
+#else
+#define SIZE_SPEC "%21lu"
+#endif
  
-	if (sizeof(size_t) <= sizeof(int))
-		format = SMALL_STRING;
-	else
-		format = BIG_STRING;
-	return seq_printf(s, format,
+	return seq_printf(s,
+			  "%10d %10d  %4o " SIZE_SPEC " %5u %5u  "
+			  "%5lu %5u %5u %5u %5u %10lu %10lu %10lu\n",
 			  shp->shm_perm.key,
 			  shp->shm_perm.id,
 			  shp->shm_perm.mode,
...	...	@@ -1058,16 +1058,16 @@
1058	1058	static int sysvipc_shm_proc_show(struct seq_file s, void it)
1059	1059	{
1060	1060	struct shmid_kernel *shp = it;
1061		- char *format;
1062	1061
1063		-#define SMALL_STRING "%10d %10d %4o %10u %5u %5u %5d %5u %5u %5u %5u %10lu %10lu %10lu\n"
1064		-#define BIG_STRING "%10d %10d %4o %21u %5u %5u %5d %5u %5u %5u %5u %10lu %10lu %10lu\n"
	1062	+#if BITS_PER_LONG <= 32
	1063	+#define SIZE_SPEC "%10lu"
	1064	+#else
	1065	+#define SIZE_SPEC "%21lu"
	1066	+#endif
1065	1067
1066		- if (sizeof(size_t) <= sizeof(int))
1067		- format = SMALL_STRING;
1068		- else
1069		- format = BIG_STRING;
1070		- return seq_printf(s, format,
	1068	+ return seq_printf(s,
	1069	+ "%10d %10d %4o " SIZE_SPEC " %5u %5u "
	1070	+ "%5lu %5u %5u %5u %5u %10lu %10lu %10lu\n",
1071	1071	shp->shm_perm.key,
1072	1072	shp->shm_perm.id,
1073	1073	shp->shm_perm.mode,