| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Jul 2016 13:16:53 -0400 From: Steven Rostedt <rostedt@...dmis.org> To: Jiri Olsa <jolsa@...hat.com> Cc: Jiri Pirko <jiri@...lanox.com>, Jiri Olsa <jolsa@...nel.org>, Arnaldo Carvalho de Melo <acme@...nel.org>, lkml <linux-kernel@...r.kernel.org>, David Ahern <dsahern@...il.com>, Ingo Molnar <mingo@...nel.org>, Namhyung Kim <namhyung@...nel.org>, Peter Zijlstra <a.p.zijlstra@...llo.nl> Subject: Re: [PATCH 1/3] perf script python: Fix string vs byte array resolving On Fri, 15 Jul 2016 18:13:10 +0200 Jiri Olsa <jolsa@...hat.com> wrote: > On Fri, Jul 15, 2016 at 12:02:31PM -0400, Steven Rostedt wrote: > > SNIP > > > > for "AA\1\0" this returns "1" although that should return "0". > > > > > > orig len 4 > > > decremented len 3 > > > for: > > > 0 1 > > > > > > index 2 would not be inspected. Or am I missing something? > > > > > > I think that the for check should be "i < len" > > > > Yes it should be. I think we got the two solutions mixed up. > > > > With the above len--, it should be i < len, but when we did the check > > for zero at the end, we needed the i < len - 1 > > ugh right.. should be 'i < len' check in the for loop, > > there's also the patch 2/3 that needs to be changed > I'm wondering if we should also add at the beginning: if (!len) return 0; Otherwise we will be accessing out of bounds with the len-1. -- Steve
Powered by blists - more mailing lists