lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 23 Nov 2011 07:30:56 +0100
From:	Reinhard Tartler <Reinhard.Tartler@...ormatik.uni-erlangen.de>
To:	Jean Sacren <sakiwit@...il.com>
Cc:	Michal Marek <mmarek@...e.cz>, Arnaud Lacombe <lacombar@...il.com>,
	linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
	vamos-dev@...ts.informatik.uni-erlangen.de, amwang@...hat.com
Subject: Re: [PATCH] kconfig: Fix checking return value of 'fwrite'

On Mi, Nov 23, 2011 at 06:53:51 (CET), Jean Sacren wrote:

> From: Michal Marek <mmarek@...e.cz>
> Date: Sun, 20 Nov 2011 14:24:35 +0100
>>
>> On 7.10.2011 05:29, Arnaud Lacombe wrote:
>> > Hi,
>> > 
>> > 2011/10/6 Reinhard Tartler <Reinhard.Tartler@...ormatik.uni-erlangen.de>:
>> >> fwrite indicates '1' written member if a zero-length string is written.
>> > you forgot the "Signed-off-by: " part :)
>> 
>> Reinhard, can I assume
>> 
>> Signed-off-by: Reinhard Tartler
>> <Reinhard.Tartler@...ormatik.uni-erlangen.de>
>> 
>> ? The patch is otherwise correct.
>
> I have two reasons to oppose this patch.
>
> 1. If 'len' value is zero, there is an issue already and it should be
> taken care of _before_ calling fwrite().

So you're saying the function assumes a non-empty string? Why? It is a
simple "writing-helper" and this seems a perfectly valid corner case to
me.  Can you perhaps elaborate why you consider this corner case invalid
and require (possibly out-of-tree) callers to check this for themselves?

> 2. xfwrite() doesn't fix anything except for the compiler warning. It
> assumes this world is perfect and it's definitely not a place to take
> care of the zero-length string.

It seems to me that you rather oppose to the introduction of xfwrite()
than to the patch here at hand. Is that correct?

Cheers,
Reinhard

-- 
Reinhard Tartler                     Department of Computer Science IV
Martensstr 1, 91058 Erlangen Germany, University of Erlangen-Nuremberg
            http://www4.informatik.uni-erlangen.de/~tartler
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ