| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1453942708.10099.41.camel@perches.com> Date: Wed, 27 Jan 2016 16:58:28 -0800 From: Joe Perches <joe@...ches.com> To: Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org Cc: Amitkumar Karwar <akarwar@...vell.com>, Nishant Sarmukadam <nishants@...vell.com>, Kalle Valo <kvalo@...eaurora.org>, Steve French <sfrench@...ba.org>, linux-wireless@...r.kernel.org, netdev@...r.kernel.org, linux-cifs@...r.kernel.org, samba-technical@...ts.samba.org Subject: Re: [PATCH] lib: fix callers of strtobool to use char array On Wed, 2016-01-27 at 16:45 -0800, Kees Cook wrote: > Some callers of strtobool were passing a pointer to unterminated strings. > This fixes the issue and consolidates some logic in cifs. This may be incomplete as it duplicates the behavior for the old number of characters, but this is not a solution for the entry of a bool that is "on" or "off". > diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c [] > @@ -290,7 +305,8 @@ static ssize_t cifs_stats_proc_write(struct file *file, > } > } > spin_unlock(&cifs_tcp_ses_lock); > - } > + } else > + return rc; Likely better to reverse the test and unindent the preceding block. Otherwise, please make sure to use the general brace form of when one branch needs braces, the other branch should have them too.
Powered by blists - more mailing lists