lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <je63thszo6.fsf@sykes.suse.de>
Date:	Wed, 14 May 2008 16:55:37 +0200
From:	Andreas Schwab <schwab@...e.de>
To:	Cyrill Gorcunov <gorcunov@...il.com>
Cc:	Adrian Bunk <bunk@...nel.org>,
	Geert Uytterhoeven <geert@...ux-m68k.org>,
	Linux/m68k <linux-m68k@...r.kernel.org>,
	Linux Kernel Development <linux-kernel@...r.kernel.org>
Subject: Re: m68k: main.c:(.init.text+0x730): undefined reference to `strlen'

Cyrill Gorcunov <gorcunov@...il.com> writes:

> I think it would help to see ..tmp_vmlinux1.cmd to ensure for inclusion
> of lib/lib.a. strlen was there without my patch as Andreas already pointed,
> I've just added strncat wich is coming from lib/string.o for this arch.

Actually the way strncat is used here is broken anyway, it does not
prevent array overrun.  The third argument of strncat only limits the
amount of characters copied, without taking into account the length of
the string already in the buffer.  Consequently gcc has optimized the
call to strncat into a simple call to strcat, since none of the copied
strings are longer than sizeof(msgbuf).  This strcat call is then
expanded to include a call to strlen.

So a better fix would probably be to make msgbuf big enough and use
strcat instead.

Andreas.

-- 
Andreas Schwab, SuSE Labs, schwab@...e.de
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ