| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAFo99gb4_1Qne+Mnt=iApepVyn00_eM2S4Nw+L3hMatZtwROSA@mail.gmail.com> Date: Mon, 11 Aug 2014 21:45:57 +0200 From: Rickard Strandqvist <rickard_strandqvist@...ctrumdigital.se> To: Wolfram Sang <wsa@...-dreams.de> Cc: Mark D Rustad <mrustad@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Linus Walleij <linus.walleij@...aro.org>, Peter Hurley <peter@...leysoftware.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] misc: ti-st: st_kim.c: Cleaning up missing null-terminate after strncpy call 2014-08-11 11:14 GMT+02:00 Wolfram Sang <wsa@...-dreams.de>: > >> > strncpy(kim_data->dev_name, buf, count); >> > + kim_data->dev_name[count - 1] = '\n'; >> >> Of course this does not add termination, but adds a newline at the end of the buffer? Huh? > > strlcpy? > Hi Wolfram Sure, strlcpy is preferable in many ways if we only can guarantee that it is safe. I have seldom been so much criticism when I start switching to strlcpy, although much of it was justified :) Even Linus was getting into the debate. See more: https://plus.google.com/111049168280159033135/posts/1amLbuhWbh5 I do this only when I'm sure it will not cause any other problems. But if you or anyone else can guarantee that in this case, so I'd make a new patch. Kind regards Rickard Strandqvist -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists