095d141b2e
argv_split() allocates argv[count_argc(str)] array and assumes that it will find the same number of arguments later. This is obviously wrong if this string can be changed, say, by sysctl. With this patch argv_split() kstrndup's the whole string and does not split it, we simply replace the spaces with zeroes and keep the allocated memory in argv[-1] for argv_free(arg). We do not use argv[0] because: - str can be all-spaces or empty. In fact this case is fine, we could kfree() it before return, but: - str can have a space at the start, and we can not rely on kstrndup(skip_spaces(str)) because it can equally race if this string is mutable. Also, simplify count_argc() and kill the no longer used skip_arg(). Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: Andi Kleen <andi@firstfloor.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
94 lines
2.1 KiB
C
94 lines
2.1 KiB
C
/*
|
|
* Helper function for splitting a string into an argv-like array.
|
|
*/
|
|
|
|
#include <linux/kernel.h>
|
|
#include <linux/ctype.h>
|
|
#include <linux/string.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/export.h>
|
|
|
|
static int count_argc(const char *str)
|
|
{
|
|
int count = 0;
|
|
bool was_space;
|
|
|
|
for (was_space = true; *str; str++) {
|
|
if (isspace(*str)) {
|
|
was_space = true;
|
|
} else if (was_space) {
|
|
was_space = false;
|
|
count++;
|
|
}
|
|
}
|
|
|
|
return count;
|
|
}
|
|
|
|
/**
|
|
* argv_free - free an argv
|
|
* @argv - the argument vector to be freed
|
|
*
|
|
* Frees an argv and the strings it points to.
|
|
*/
|
|
void argv_free(char **argv)
|
|
{
|
|
argv--;
|
|
kfree(argv[0]);
|
|
kfree(argv);
|
|
}
|
|
EXPORT_SYMBOL(argv_free);
|
|
|
|
/**
|
|
* argv_split - split a string at whitespace, returning an argv
|
|
* @gfp: the GFP mask used to allocate memory
|
|
* @str: the string to be split
|
|
* @argcp: returned argument count
|
|
*
|
|
* Returns an array of pointers to strings which are split out from
|
|
* @str. This is performed by strictly splitting on white-space; no
|
|
* quote processing is performed. Multiple whitespace characters are
|
|
* considered to be a single argument separator. The returned array
|
|
* is always NULL-terminated. Returns NULL on memory allocation
|
|
* failure.
|
|
*
|
|
* The source string at `str' may be undergoing concurrent alteration via
|
|
* userspace sysctl activity (at least). The argv_split() implementation
|
|
* attempts to handle this gracefully by taking a local copy to work on.
|
|
*/
|
|
char **argv_split(gfp_t gfp, const char *str, int *argcp)
|
|
{
|
|
char *argv_str;
|
|
bool was_space;
|
|
char **argv, **argv_ret;
|
|
int argc;
|
|
|
|
argv_str = kstrndup(str, KMALLOC_MAX_SIZE - 1, gfp);
|
|
if (!argv_str)
|
|
return NULL;
|
|
|
|
argc = count_argc(argv_str);
|
|
argv = kmalloc(sizeof(*argv) * (argc + 2), gfp);
|
|
if (!argv) {
|
|
kfree(argv_str);
|
|
return NULL;
|
|
}
|
|
|
|
*argv = argv_str;
|
|
argv_ret = ++argv;
|
|
for (was_space = true; *argv_str; argv_str++) {
|
|
if (isspace(*argv_str)) {
|
|
was_space = true;
|
|
*argv_str = 0;
|
|
} else if (was_space) {
|
|
was_space = false;
|
|
*argv++ = argv_str;
|
|
}
|
|
}
|
|
*argv = NULL;
|
|
|
|
if (argcp)
|
|
*argcp = argc;
|
|
return argv_ret;
|
|
}
|
|
EXPORT_SYMBOL(argv_split);
|