| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Mar 2007 14:54:45 -0400 From: Theodore Tso <tytso@....edu> To: "Brian D. Behlendorf" <behlendorf1@...l.gov> Cc: linux-ext4@...r.kernel.org, adilger@...sterfs.com, wartens2@...l.gov Subject: Re: e2fsprogs coverity patch <cid-11.diff> On Fri, Feb 09, 2007 at 06:11:09PM -0800, Brian D. Behlendorf wrote: > Add an extra byte to EXT2_NAME_LEN in the static allocation for the > required trailing null. This allows filenames up to the maximum > length of EXT2_NAME_LEN withover an overrun. > > Coverity ID: 11: Overrun Static > > - thislen = ((dirent->name_len & 0xFF) < EXT2_NAME_LEN) ? > + thislen = ((dirent->name_len & 0xFF) <= EXT2_NAME_LEN) ? > (dirent->name_len & 0xFF) : EXT2_NAME_LEN; This change is largely meaningless/unnecessary, since if *dirent->name_len & 0xFF) is equal to EXT2_NAME_LEN it doesn't matter which path is chosen; was there a reason for the change. - Ted - To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists