| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Mar 2016 08:51:55 +0200 From: Andy Shevchenko <andy.shevchenko@...il.com> To: Rasmus Villemoes <linux@...musvillemoes.dk> Cc: Kees Cook <keescook@...omium.org>, Andrew Morton <akpm@...ux-foundation.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [RFC 0/7] eliminate snprintf with overlapping src and dst On Tue, Mar 8, 2016 at 10:40 PM, Rasmus Villemoes <linux@...musvillemoes.dk> wrote: > Doing snprintf(buf, len, "%s...", buf, ...) for appending to a buffer > currently works, but it is somewhat fragile, and any other overlap > between source and destination buffers would be a definite bug. This > is an attempt at eliminating the relatively few occurences of this > pattern in the kernel. > > I could use another set of eyes on all of these. The drm/amdkfd patch > is unfortunately rather large, but I couldn't find a better way to do > this. Would we use seq_buf API instead in that case? > > Rasmus Villemoes (7): > drm/amdkfd: avoid fragile and inefficient snprintf use > Input: joystick - avoid fragile snprintf use > leds: avoid fragile sprintf use > drivers/media/pci/zoran: avoid fragile snprintf use > wlcore: avoid fragile snprintf use > [media] ati_remote: avoid fragile snprintf use > USB: usbatm: avoid fragile and inefficient snprintf use -- With Best Regards, Andy Shevchenko
Powered by blists - more mailing lists