| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1286355501.24366.92.camel@ekuznets-lx-nokia> Date: Wed, 06 Oct 2010 12:58:21 +0400 From: Evgeny Kuznetsov <EXT-Eugeny.Kuznetsov@...ia.com> To: "ext H. Peter Anvin" <hpa@...or.com> Cc: Al Viro <viro@...IV.linux.org.uk>, Linus Torvalds <torvalds@...ux-foundation.org>, akpm@...ux-foundation.org, phillip@...gher.demon.co.uk, hsweeten@...ionengravers.com, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/1] initramfs: strcpy destination string overflow On Tue, 2010-10-05 at 11:09 -0700, ext H. Peter Anvin wrote: > On 10/05/2010 09:51 AM, Al Viro wrote: > > > > Take a look at struct hash definition. That sizeof is PATH_MAX and > > do_header() will reject an entry with name longer than that. IOW, > > the whole thing is a non-issue; we can add > > if (strlen(name) >= PATH_MAX) > > BUG(); > > if we really care, but that's it. > > > > As a side note, it looks like we need a fat warning about blind "improvements" > > of that kind in CodingStyle; cargo-cult replacements like that can easily > > hide real bugs... ;-/ > > BUG_ON(strlen(name) >= PATH_MAX); Should it be: BUG_ON(strlen(name) >= N_ALIGN(PATH_MAX)); -Evgeny > > ... would work for me. > > OK, not an issue... > > -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists