| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Sep 2010 23:38:18 +0200
From: Dan Carpenter <error27@...il.com>
To: mark gross <markgross@...gnar.org>
Cc: "Rafael J. Wysocki" <rjw@...k.pl>,
James Bottomley <James.Bottomley@...e.de>,
Frederic Weisbecker <fweisbec@...il.com>,
Jonathan Corbet <corbet@....net>, linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: Re: [patch] pm_qos_params: cleanup: terminate a string
On Tue, Sep 07, 2010 at 06:38:05AM -0700, mark gross wrote:
> > spin_unlock_irqrestore(&pm_qos_lock, flags);
> > @@ -374,10 +374,12 @@ static ssize_t pm_qos_power_write(struct file *filp, const char __user *buf,
> > } else if (count == 11) { /* len('0x12345678/0') */
> > if (copy_from_user(ascii_value, buf, 11))
> > return -EFAULT;
> > + if (strlen(ascii_value) > 10)
> should be !=
>
> > + return -EINVAL;
> > x = sscanf(ascii_value, "%x", &value);
> > if (x != 1)
> > return -EINVAL;
With the original code you could do:
char buf[11]; /* must be 11 chars */
snprintf(buf, sizeof(buf), "0x%x", 42);
write(fd, buf, sizeof(buf));
But the new code is stricter so the number would have to be zero padded.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists