| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jul 2011 09:02:06 -0700
From: Jay Vosburgh <fubar@...ibm.com>
To: Vitalii Demianets <vitas@...factor.kiev.ua>
cc: Andy Gospodarek <andy@...yhouse.net>, netdev@...r.kernel.org,
Takuma Umeya <tumeya@...hat.com>
Subject: Re: [PATCH net-next] bonding: fix strlen errors in sysfs
Vitalii Demianets <vitas@...factor.kiev.ua> wrote:
>On Thursday 14 July 2011 04:57:45 Andy Gospodarek wrote:
>> - if (strnicmp
>> - (slave->dev->name, buf,
>> - strlen(slave->dev->name)) == 0) {
>> + int max_len = max(strlen(slave->dev->name),
>> + strlen(buf) - 1);
>> + if (strnicmp(slave->dev->name, buf, max_len) == 0) {
>
>As for me there is no sense in preventing "address out of range" errors in
>strnicmp by calculating length with strlen first. If there is missing \0 at
>the end of the string you just shift failure point from stricmp to the strlen
>function call.
>IMHO "maximum length" argument in strnicmp should be some appropriate constant
>instead. Alternatively we can use count:
I agree about using a constant, and I nominate IFNAMSIZ for that
constant.
Also, should we really be using strnicmp? I.e., case
insensitive? Aren't interface names case sensitive?
-J
---
-Jay Vosburgh, IBM Linux Technology Center, fubar@...ibm.com
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists