| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.20.1710021736110.2185@nanos>
Date: Mon, 2 Oct 2017 17:42:56 +0200 (CEST)
From: Thomas Gleixner <tglx@...utronix.de>
To: Borislav Petkov <bp@...en8.de>
cc: X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/2] RAS/CEC: Use the right length for "cec_disable"
On Mon, 2 Oct 2017, Borislav Petkov wrote:
> From: Nicolas Iooss <nicolas.iooss_linux@....org>
>
> parse_cec_param() compares a string with "cec_disable" using only 7
> characters of the 11-character-long string. Fix the length.
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@....org>
> Fixes: 011d82611172 ("RAS: Add a Corrected Errors Collector")
> Link: http://lkml.kernel.org/r/20170903075440.30250-1-nicolas.iooss_linux@m4x.org
> Signed-off-by: Borislav Petkov <bp@...e.de>
> ---
> drivers/ras/cec.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/ras/cec.c b/drivers/ras/cec.c
> index d0e5d6ee882c..586c296d1538 100644
> --- a/drivers/ras/cec.c
> +++ b/drivers/ras/cec.c
> @@ -523,7 +523,7 @@ int __init parse_cec_param(char *str)
> if (*str == '=')
> str++;
>
> - if (!strncmp(str, "cec_disable", 7))
> + if (!strncmp(str, "cec_disable", 11))
This kind of issue happens over and over. So if you really want to use
strncmp() then this should be:
#define CEC_DISABLE "cec_disable"
if (!strncmp(str, CEC_DISABLE, strlen(CEC_DISABLE))
or we get a proper helper for that. Though in case of comparing some string
against a constant string strncmp() has no real advantage over strcmp() as
the comparison is guaranteed to be bound by the string constant.
Thanks,
tglx
Powered by blists - more mailing lists