lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Aug 2015 11:31:54 +0800 From: Sean Fu <fxinrong@...il.com> To: Steven Rostedt <rostedt@...dmis.org> Cc: Austin S Hemmelgarn <ahferroin7@...il.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, Andrey Ryabinin <ryabinin.a.a@...il.com>, Ulrich Obergfell <uobergfe@...hat.com>, Prarit Bhargava <prarit@...hat.com>, Eric B Munson <emunson@...mai.com>, "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>, Johannes Weiner <hannes@...xchg.org>, Andrew Morton <akpm@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de>, Don Zickus <dzickus@...hat.com>, Heinrich Schuchardt <xypron.glpk@....de>, David Rientjes <rientjes@...gle.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] kernel/sysctl.c: If "count" including the terminating byte '\0' the write system call should retrun success. On Thu, Aug 27, 2015 at 4:32 PM, Sean Fu <fxinrong@...il.com> wrote: > On Thu, Aug 27, 2015 at 10:32 AM, Steven Rostedt <rostedt@...dmis.org> wrote: >> On Thu, 27 Aug 2015 08:17:29 +0800 >> Sean Fu <fxinrong@...il.com> wrote: >> >>> On Thu, Aug 27, 2015 at 4:36 AM, Steven Rostedt <rostedt@...dmis.org> wrote: >>> > On Wed, 26 Aug 2015 23:48:01 +0800 >>> > Sean Fu <fxinrong@...il.com> wrote: >>> > >>> > >>> >> > Defending the patch, I can't imagine any user space code expecting the >>> >> > current behavior. The current behavior is that if you write "1\0" it >>> >> > will error out instead of accepting the "1". I can't come up with a >>> >> > scenario that would require userspace to expect "1\0" to fail. Can you? >>> >> Thanks >>> > >>> > Although, with the current patch, would "1\02" fail? It should. >>> Yes, "1\02" is equal to "1\2"(count=2) or "1\2\0"(count=3), So it should fail. >> >> Sorry, I meant "1\0 2" > In this case, The patch behavior is accepting the "1" and discarding > other bytes. > for (; left && vleft--; i++, first=0) { //vleft is 1 for integer > type or unsigned long type proc file > >> >> -- Steve >> >>> >>> code >>> len = write(fd, "1\0\2", 3); >>> >>> strace execute result: >>> write(3, "1\2\0", 3) = -1 EINVAL (Invalid argument) If vleft > 1, "1\0 2" is treated as invalid paraments and all string include '\0' will be invalid. >>> >>> > >>> > -- Steve >> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists