lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 08 Aug 2012 03:23:30 +0400 From: Pavel Vasilyev <pavel@...linux.ru> To: Alan Stern <stern@...land.harvard.edu> CC: Pavel Machek <pavel@....cz>, Len Brown <lenb@...nel.org>, linux-acpi@...r.kernel.org, linux-pm@...ts.linux-foundation.org, linux-kernel@...r.kernel.org, Len Brown <len.brown@...el.com> Subject: Re: [linux-pm] [PATCH] ACPI: replace strlen("string") with sizeof("string") -1 07.08.2012 21:24, Alan Stern пишет: > On Tue, 7 Aug 2012, Pavel Vasilyev wrote: > >> 06.08.2012 23:59, Alan Stern пишет: >>> On Mon, 6 Aug 2012, Pavel Vasilyev wrote: >>> >>>>>> http://www.gossamer-threads.com/lists/engine?do=post_attachment;postatt_id=41157;list=linux >>>>> >>>>> Interestingly, many (all?) of the changes in that patch are wrong >>>>> because they don't try to match the terminating '\0'. As a result, >>>>> they will match against extensions of the target string as well as the >>>>> target string itself. >>>>> >>>> >>>> strNcmp compare N bytes - http://lxr.linux.no/#linux+v3.5/lib/string.c#L270 >>>> memcmp compare N bytes - http://lxr.linux.no/#linux+v3.5/lib/string.c#L651 >>> >>> Yes. So if s contains "abcde" then >>> >>> memcmp(s, "abc", 3) and strncmp(s, "abc", 3) will both return 0, and >>> memcmp(s, "abc", 4) and strncmp(s, "abc", 4) will both return 1. >> >> No matter what is contained in *s, "abcde" or "abcxxx", >> are important first N bytes. The second example, you see, >> a little bit stupid, and devoid of logic. :) > > Maybe yes, maybe no. It all depends on what you want. > > For example, if you're looking for "on" or "off", what should you do > when the user writes "onoff"? You could accept it as meaning the same > as "on", but if you were being careful then you would want to reject it > as a meaningless value. The users should't be allowed to think! There is "on" - the size of 2 bytes, or "off" - 3 bytes, other variations - user error. We do not create a kernel with artificial intelligence? ;) -- Pavel. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists