| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Nov 2018 10:54:59 -0500
From: "Theodore Y. Ts'o" <tytso@....edu>
To: Gabriel Krisman Bertazi <krisman@...labora.com>
Cc: kernel@...labora.com, linux-ext4@...r.kernel.org,
Gabriel Krisman Bertazi <krisman@...labora.co.uk>
Subject: Re: [PATCH v3 04/12] lib/ext2fs: Implement NLS support
On Mon, Nov 26, 2018 at 05:19:41PM -0500, Gabriel Krisman Bertazi wrote:
> +static int ascii_casefold(const struct nls_table *table,
> + const unsigned char *str, size_t len,
> + unsigned char *dest, size_t dlen)
> +{
> + unsigned i;
> +
> + for (i = 0; i < len; i++)
> + dest[i] = charset_toupper(table, str[i]);
> +
> + return len;
> +}
> +
> +static int ascii_normalize(const struct nls_table *table,
> + const unsigned char *str, size_t len,
> + unsigned char *dest, size_t dlen)
> +{
> + memcpy(dest, str, len);
> + return len;
> +}
Shouldn't these two functions at least check to make sure dlen >= len
and return an error if not?
It's not paranoia when there are people out there actually trying to
get you. :-)
- Ted
Powered by blists - more mailing lists