Discussion:
Copy_From_User and truncating
Tom Brubaker
2005-02-21 03:58:37 UTC
The description for Copy_From_User says:

+ return true if srcInUser was legal (even if copy was truncated, see
below)

And 'below' it talks about the maximum string length for SYS_PRINTSTRING and
SYS_SPAWN. In these cases, "You may use a third function to ensure this
proper termination or put the code directly in both SYS_PRINTSTRING and
SYS_SPAWN"

In what cases does Copy_From_User ever have the authority to do any
truncating of its own?

-Tom-
Iulian Neamtiu
2005-02-22 15:15:02 UTC
As I said yesterday in recitation, do not truncate in Copy_From_User.
Copy_From_User/Copy_To_User handle their arguments as binary, not as
strings. In later projects, when you receive binary data from the user,
adding a '\0' will get you in trouble, and you'll have no idea why.

For this project, think what will happen if you try truncating the
integers you copy into userspace in Get_Cursor.

Spawn and Print_String have to ensure proper termination of the
user-supplied strings before passing them to other kernel functions.
Copy_From/To are oblivious w.r.t. what data they copy.

And by the way, the caller of Copy_From_User has to allocate
destInKernel; don't pass an uninitialized (or NULL) pointer as first
argument to Copy_From_User.

Iulian
Post by Tom Brubaker
+ return true if srcInUser was legal (even if copy was truncated, see
below)
And 'below' it talks about the maximum string length for SYS_PRINTSTRING and
SYS_SPAWN. In these cases, "You may use a third function to ensure this
proper termination or put the code directly in both SYS_PRINTSTRING and
SYS_SPAWN"
In what cases does Copy_From_User ever have the authority to do any
truncating of its own?
-Tom-
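The split Iulian describes, a raw byte copy that never terminates or truncates, a separate helper that guarantees termination for SYS_PRINTSTRING and SYS_SPAWN, and integers that must travel untouched for Get_Cursor, is easier to see side by side. The following is an added example written for this thread; it is not GeekOS code and none of these names are the project's own. The user address space is a constructed array, and `copy_from_user_raw`, `copy_to_user_raw`, `copy_string_from_user`, `get_cursor_to_user` and `read_user_int` are hypothetical stand-ins for the real kernel functions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a user address space: one small array instead
 * of a process's pages. Offsets into it play the role of user pointers. */
#define USER_SPACE_SIZE 256
static unsigned char user_space[USER_SPACE_SIZE];

/* Constructed caller-owned kernel buffer, allocated before any copy
 * (the caller, not Copy_From_User, is responsible for destInKernel). */
#define KBUF_SIZE 8
static char kernel_buf[KBUF_SIZE];

/* Range check shared by both directions: the whole [addr, addr+numBytes)
 * window must lie inside the user area. Written so addr+numBytes cannot overflow. */
static bool user_range_ok(size_t userAddr, size_t numBytes)
{
    return userAddr <= USER_SPACE_SIZE && numBytes <= USER_SPACE_SIZE - userAddr;
}

/* Hypothetical Copy_From_User: a raw byte copy. It never appends '\0' and
 * never shortens the copy; it only refuses illegal ranges or a NULL destination. */
static bool copy_from_user_raw(void *destInKernel, size_t srcInUser, size_t numBytes)
{
    if (destInKernel == NULL || !user_range_ok(srcInUser, numBytes))
        return false;
    memcpy(destInKernel, user_space + srcInUser, numBytes);
    return true;
}

/* Hypothetical Copy_To_User: the same contract in the other direction. */
static bool copy_to_user_raw(size_t destInUser, const void *srcInKernel, size_t numBytes)
{
    if (srcInKernel == NULL || !user_range_ok(destInUser, numBytes))
        return false;
    memcpy(user_space + destInUser, srcInKernel, numBytes);
    return true;
}

/* Hypothetical "third function" for SYS_PRINTSTRING / SYS_SPAWN: copy a user
 * string into a kernel buffer of bufSize bytes and guarantee termination.
 * Bytes are fetched one at a time so the copy stops at the terminator instead
 * of reading a fixed window that could run past the end of the user's mapping.
 * Returns false if the range is illegal or no '\0' arrives within bufSize-1
 * bytes; in either case the buffer is still terminated, so a caller that
 * ignores the result cannot pass an unterminated string on. */
static bool copy_string_from_user(char *destInKernel, size_t bufSize, size_t srcInUser)
{
    if (destInKernel == NULL || bufSize == 0)
        return false;
    for (size_t i = 0; i + 1 < bufSize; i++) {
        if (!copy_from_user_raw(&destInKernel[i], srcInUser + i, 1)) {
            destInKernel[i] = '\0';
            return false;
        }
        if (destInKernel[i] == '\0')
            return true;
    }
    destInKernel[bufSize - 1] = '\0';
    return false;   /* overlong: reject instead of silently truncating */
}

/* Test fixture: place a C string, terminator included, into the fake user area. */
static bool stage_user_string(size_t destInUser, const char *s)
{
    return copy_to_user_raw(destInUser, s, strlen(s) + 1);
}

/* Hypothetical Get_Cursor-style handler: the integers go out as raw bytes.
 * Appending a '\0' here would write one byte past each int the user allocated. */
static bool get_cursor_to_user(size_t rowInUser, size_t colInUser, int row, int col)
{
    return copy_to_user_raw(rowInUser, &row, sizeof row)
        && copy_to_user_raw(colInUser, &col, sizeof col);
}

/* Read an int back from the fake user area; returns -1 on an illegal range. */
static int read_user_int(size_t srcInUser)
{
    int value;
    if (!copy_from_user_raw(&value, srcInUser, sizeof value))
        return -1;
    return value;
}

int main(void)
{
    stage_user_string(0, "hello");
    bool ok = copy_string_from_user(kernel_buf, KBUF_SIZE, 0);
    printf("short string: ok=%d buf=\"%s\"\n", ok, kernel_buf);
    stage_user_string(16, "toolongstring");
    ok = copy_string_from_user(kernel_buf, KBUF_SIZE, 16);
    printf("overlong string: ok=%d buf=\"%s\"\n", ok, kernel_buf);
    get_cursor_to_user(64, 68, 3, 40);
    printf("cursor: row=%d col=%d\n", read_user_int(64), read_user_int(68));
    return 0;
}
```

Two design choices follow directly from the thread: the raw copy returns true for any legal range regardless of content, so "truncated" is never something it decides, and the string helper rejects an overlong input rather than cutting it, because the system-call handler, not the copy routine, owns that policy. Whatever policy Spawn or Print_String picks, the kernel buffer leaves the helper terminated, which is the property the later kernel functions actually depend on.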