lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <202011171404.5E0F44C@keescook> Date: Tue, 17 Nov 2020 14:04:02 -0800 From: Kees Cook <keescook@...omium.org> To: laniel_francis@...vacyrequired.com Cc: linux-hardening@...r.kernel.org, dja@...ens.net Subject: Re: [RFC PATCH v4 4/5] Add new file in LKDTM to test fortified strscpy. On Mon, Nov 16, 2020 at 03:50:11PM +0100, laniel_francis@...vacyrequired.com wrote: > From: Francis Laniel <laniel_francis@...vacyrequired.com> > > This new test ensures that fortified strscpy has the same behavior than vanilla > strscpy (e.g. returning -E2BIG when src content is truncated). > Finally, it generates a crash at runtime because there is a write overflow in > destination string. > > Signed-off-by: Francis Laniel <laniel_francis@...vacyrequired.com> Reviewed-by: Kees Cook <keescook@...omium.org> -- Kees Cook
Powered by blists - more mailing lists