Commit 226a07ef authored by Jan Kara's avatar Jan Kara Committed by Linus Torvalds

lib: Clarify the return value of strnlen_user()

strnlen_user() can return a number in a range 0 to count +
sizeof(unsigned long) - 1. Clarify the comment at the top of the
function so that users don't think the function returns at most count+1.
Signed-off-by: default avatarJan Kara <jack@suse.cz>
[ Also added commentary about preferably not using this function ]
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 8cd9234c
...@@ -90,8 +90,15 @@ static inline long do_strnlen_user(const char __user *src, unsigned long count, ...@@ -90,8 +90,15 @@ static inline long do_strnlen_user(const char __user *src, unsigned long count,
* Get the size of a NUL-terminated string in user space. * Get the size of a NUL-terminated string in user space.
* *
* Returns the size of the string INCLUDING the terminating NUL. * Returns the size of the string INCLUDING the terminating NUL.
* If the string is too long, returns 'count+1'. * If the string is too long, returns a number larger than @count. User
* has to check the return value against "> count".
* On exception (or invalid count), returns 0. * On exception (or invalid count), returns 0.
*
* NOTE! You should basically never use this function. There is
* almost never any valid case for using the length of a user space
* string, since the string can be changed at any time by other
* threads. Use "strncpy_from_user()" instead to get a stable copy
* of the string.
*/ */
long strnlen_user(const char __user *str, long count) long strnlen_user(const char __user *str, long count)
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment