| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Jan 2017 16:01:41 +0100
From: Borislav Petkov <bp@...e.de>
To: Rabin Vincent <rabin.vincent@...s.com>
Cc: akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
Rabin Vincent <rabinv@...s.com>
Subject: Re: [PATCH] printk: fix printk.devkmsg sysctl
On Fri, Jan 27, 2017 at 02:11:46PM +0100, Rabin Vincent wrote:
> From: Rabin Vincent <rabinv@...s.com>
>
> The comment says that it doesn't want to accept trailing crap but that's
> just what it allows:
...
> @@ -177,7 +177,7 @@ int devkmsg_sysctl_set_loglvl(struct ctl_table *table, int write,
> * Do not accept an unknown string OR a known string with
> * trailing crap...
> */
> - if (err < 0 || (err + 1 != *lenp)) {
Grr, that's that damn '\n'
echo off > /proc/sys/kernel/printk_devkmsg
works, of course.
Ok, I don't want to relax the strncmp() above and would still like to
return the exact length compared.
So please change the check above to allow the following inputs:
<str>
or
<str>\n
I.e., a trailing, *optional*, '\n' is allowed.
This way we're accepting the two most common ways to input strings:
$ echo <str> > ...
and
$ echo -n <str> > ...
Thanks!
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
Powered by blists - more mailing lists