| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m14pfr6bnf.fsf@ebiederm.dsl.xmission.com> Date: Mon, 12 Nov 2007 02:44:36 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] sysctl: Check length at deprecated_sysctl_warning. Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> writes: > Hello. > > Thanks for reformatting my patch > and sorry for surprising you with directory name > (I meant to type linux-2.6.24-rc2, not linux-2.6.22-rc2). > > According to linux-2.6.23, > it seems that I should return -ENOTDIR > for invalid args->nlen value. > > I got a question here regarding interpretation of CTL_MAXNAME . > Is args->nlen == CTL_MAXNAME valid? > It is treated as invalid while the definition says > > /* how many path components do we allow in a > call to sysctl? In other words, what is > the largest acceptable value for the nlen > member of a struct __sysctl_args to have? */ > > If "name[CTL_MAXNAME];" is what the author intended, > I think args->nlen == CTL_MAXNAME is valid. name[CTL_MAXNAME} is not valid. name[0...CTL_MAXNAME-1] is valid. The check that got lost in the refactoring was specfically: - if (tmp.nlen <= 0 || tmp.nlen >= CTL_MAXNAME) - return -ENOTDIR; Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists