| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181222142411.GA10058@danjae.aot.lge.com>
Date: Sat, 22 Dec 2018 23:24:11 +0900
From: Namhyung Kim <namhyung@...nel.org>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Ingo Molnar <mingo@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Joe Perches <joe@...ches.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Tom Zanussi <zanussi@...nel.org>,
Andreas Schwab <schwab@...ux-m68k.org>, kernel-team@....com
Subject: Re: [PATCH v4] string.h: Add str_has_prefix() helper function
On Sat, Dec 22, 2018 at 07:24:04AM -0500, Steven Rostedt wrote:
> On Sat, 22 Dec 2018 18:33:46 +0900
> Namhyung Kim <namhyung@...nel.org> wrote:
>
> > > +static __always_inline size_t str_has_prefix(const char *str, const char *prefix)
> > > +{
> > > + size_t len = strlen(prefix);
> > > + return strncmp(str, prefix, len) == 0 ? len : 0;
> >
> > As it already knows the length (and it needs to use it for return
> > value), isn't it (slightly) better using memcmp() instead?
>
> No, because we don't know the length of str.
>
>
> [ str = "h\0[bad memory]" ]
>
>
> str_has_prefix(str, "TEST THIS BIG STRING AT FRONT")
>
>
> If we use memcmp(), then we are testing way after str has ended, and
> that can cause a memory fault.
I don't know what's the bad memory causing memory fault but anyway
memcpy() should stop at the NUL character first as it's different, no?
Thanks,
Namhyung
Powered by blists - more mailing lists