| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 01 Apr 2014 16:18:38 -0400 (EDT) From: David Miller <davem@...emloft.net> To: dan.carpenter@...cle.com Cc: vegard.nossum@...cle.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, stable@...r.kernel.org Subject: Re: [PATCH] isdnloop: NUL-terminate strings from userspace From: Dan Carpenter <dan.carpenter@...cle.com> Date: Tue, 1 Apr 2014 15:35:34 +0300 > I don't understand what you think the point of strlcpy() is, if it's not > to deal with source strings which aren't NUL terminated. If strlcpy() is meant to handle non-NULL terminated strings, then it's kernel doc needs to be adjusted. /** * strlcpy - Copy a %NUL terminated string into a sized buffer * @dest: Where to copy the string to * @src: Where to copy the string from * @size: size of destination buffer * * Compatible with *BSD: the result is always a valid * NUL-terminated string that fits in the buffer (unless, * of course, the buffer size is zero). It does not pad * out the result like strncpy() does. */ That says to me that 'src' is expected to be NULL terminated. Furthermore, I like YOSHIFUJI Hideaki's idea that we should actually validate the string and return -EINVAL if it is not given to us NULL terminated. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists