lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Dec 2020 22:15:24 +0100 (CET) From: Richard Weinberger <richard@....at> To: Andreas Dilger <adilger@...ger.ca> Cc: tytso <tytso@....edu>, linux-ext4 <linux-ext4@...r.kernel.org>, linux-kernel <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] ext4: Don't leak old mountpoint samples ----- Ursprüngliche Mail ----- >> Fix this by using strncpy() instead of strlcpy(). The superblock >> field is defined to be a fixed-size char array, and it is already >> marked using __nonstring in fs/ext4/ext4.h. The consumer of the field >> in e2fsprogs already assumes that in the case of a 64+ byte mount >> path, that s_last_mounted will not be NUL terminated. >> >> Reported-by: Richard Weinberger <richard@....at> >> Signed-off-by: Theodore Ts'o <tytso@....edu> > > Color me confused, but I don't see how this change makes any difference? > If "cp" is only "/" then it will *still* not overwrite "edia/johnjdeveloper" > at the end of the s_last_mounted array. To my mind, the only difference > between using strlcpy() and strncpy() would be whether the last byte in > the array can be used or not, but doesn't affect the remaining bytes. strncpy() zeros all remaining bytes. Thanks, //richard
Powered by blists - more mailing lists