[lvc-project] [PATCH v6.1] mm/damon: get rid of overlapping areas

Markov Gleb markov.gi at npc-ksb.ru
Wed Jun 24 12:22:07 MSK 2026


From: Gleb Markov <markov.gi at npc-ksb.ru>

sscanf() function is used to remove whitespaces and save the first
token.

Using sscanf() where the source and destination are the same can
cause these areas to overlap.

Change sscanf() function to avoid possible overlap situation.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: 4bc05954d007 ("mm/damon: implement a debugfs-based user space interface")
Signed-off-by: Gleb Markov <markov.gi at npc-ksb.ru>
---
 mm/damon/dbgfs.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mm/damon/dbgfs.c b/mm/damon/dbgfs.c
index b3f454a5c682..62b1e7474445 100644
--- a/mm/damon/dbgfs.c
+++ b/mm/damon/dbgfs.c
@@ -1003,17 +1003,20 @@ static ssize_t dbgfs_monitor_on_write(struct file *file,
 {
 	ssize_t ret;
 	char *kbuf;
+	char *sd_kbuf;
 
 	kbuf = user_input_str(buf, count, ppos);
 	if (IS_ERR(kbuf))
 		return PTR_ERR(kbuf);
 
 	/* Remove white space */
-	if (sscanf(kbuf, "%s", kbuf) != 1) {
+	sd_kbuf = strim(kbuf);
+	if (*sd_kbuf == '\0') {
 		kfree(kbuf);
 		return -EINVAL;
 	}
 
+
 	mutex_lock(&damon_dbgfs_lock);
 	if (!strncmp(kbuf, "on", count)) {
 		int i;
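Review bot: The trimmed pointer sd_kbuf is used only for the empty-string check, while the unchanged context at the end of the hunk still compares the original buffer in `strncmp(kbuf, "on", count)`. strim() removes trailing whitespace in place but only returns a pointer past the leading whitespace, so kbuf itself still begins with any leading blanks; input such as " on", which the old `sscanf(kbuf, "%s", kbuf)` normalised, will no longer match. Pass sd_kbuf to the comparison shown here and to any later ones, and keep kbuf only for kfree(). Also note that strim() does not cut the string at the first token the way "%s" did, so "on extra" is no longer reduced to "on"; if that behaviour change is intended, it should be stated in the commit message. The second blank line added before mutex_lock() is stray and should be dropped.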
-- 
2.43.0
