lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 29 Oct 2007 16:24:47 +0100
From:	Adrian Bunk <bunk@...nel.org>
To:	David Howells <dhowells@...hat.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [2.6 patch] fs/afs/vlocation.c: fix off-by-one

On Mon, Oct 29, 2007 at 01:00:26PM +0000, David Howells wrote:
> Adrian Bunk <bunk@...nel.org> wrote:
> 
> > This patch fixes an off-by-one error spotted by the Coverity checker.
> 
> NAK.
> 
> Why do you assume it's a NUL-terminated string?  It's not.  It's a fixed
> length character array that gets padded out with NULs.
> 
> Look 9 lines further down in the file from the change you made.  You'll notice
> it is using memcmp() not strcmp().

Check the last line of the patch I sent:
  if (vl->vldb.name[namesz] != '\0')

> David

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ