UPSTREAM: um: Remove use of asprinf in umid.c

asprintf is not compatible with the existing uml memory allocation mechanism. Its use on the "user" side of UML results in a corrupt slab state. Bug: 176213565 Fixes: 0d4e5ac ("um: remove uses of variable length arrays") Cc: stable@vger.kernel.org Signed-off-by: Anton Ivanov <anton.ivanov@cambridgegreys.com> Signed-off-by: Richard Weinberger <richard@nod.at> (cherry picked from commit 97be7ce) Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idfb7dead6024aabd84e374dd254b53e1165e59df
tstruk · Jan 14, 2021 · b4b0c57 · b4b0c57
1 parent c89c14a
commit b4b0c57
Showing 1 changed file with 5 additions and 12 deletions.
diff --git a/arch/um/os-Linux/umid.c b/arch/um/os-Linux/umid.c
@@ -137,20 +137,13 @@ static inline int is_umdir_used(char *dir)
 {
 	char pid[sizeof("nnnnnnnnn")], *end, *file;
 	int dead, fd, p, n, err;
-	size_t filelen;
+	size_t filelen = strlen(dir) + sizeof("/pid") + 1;
 
-	err = asprintf(&file, "%s/pid", dir);
-	if (err < 0)
-		return 0;
-
-	filelen = strlen(file);
+	file = malloc(filelen);
+	if (!file)
+		return -ENOMEM;
 
-	n = snprintf(file, filelen, "%s/pid", dir);
-	if (n >= filelen) {
-		printk(UM_KERN_ERR "is_umdir_used - pid filename too long\n");
-		err = -E2BIG;
-		goto out;
-	}
+	snprintf(file, filelen, "%s/pid", dir);
 
 	dead = 0;
 	fd = open(file, O_RDONLY);