| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Jun 2018 08:32:46 +0300
From: Georgi Guninski <guninski@...inski.com>
To: Christian Borntraeger <borntraeger@...ibm.com>
Cc: Guenter Roeck <linux@...ck-us.net>,
Martin Schwidefsky <schwidefsky@...ibm.com>,
Vasily Gorbik <gor@...ux.ibm.com>,
Heiko Carstens <heiko.carstens@...ibm.com>,
linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
qemu-s390x <qemu-s390x@...gnu.org>,
qemu-devel <qemu-devel@...gnu.org>,
Cornelia Huck <cohuck@...hat.com>,
Thomas Huth <thuth@...hat.com>
Subject: Re: s390 qemu boot failure in -next
On Mon, Jun 25, 2018 at 09:27:59AM +0200, Christian Borntraeger wrote:
> - /* Overwrite parameters in the kernel image, which are "rom" */
> - strcpy(rom_ptr(KERN_PARM_AREA), ipl->cmdline);
> + strcpy(rom_ptr(KERN_PARM_AREA), ipl->cmdline);
Why not replace strcpy() with strncpy() or snprintf()?
strcpy() may overflow.
Powered by blists - more mailing lists