lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Mar 2019 07:30:22 +0100 From: Dominique Martinet <asmadeus@...ewreck.org> To: Jens Axboe <axboe@...nel.dk> Cc: Steven Rostedt <rostedt@...dmis.org>, Ingo Molnar <mingo@...hat.com>, linux-block@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 15/18] blktrace: change strncpy+truncation to strlcpy Jens, Steven, Jens Axboe wrote on Thu, Mar 14, 2019: > On 3/14/19 7:37 PM, Steven Rostedt wrote: > > I noticed this old patch in my inbox. It looks like a legit cleanup. > > Want to take it? > > Indeed, I've applied it. Thanks! Thanks. I am terribly sorry about this patch series to be honest, I did not prepare it properly and sent too many generic patches at once but more importantly some were unsafe (strlcpy expects the input string to be validly formatted, because it basically does strlen() on it to check how much hasn't been copied for its return value) I was pointed out strscpy instead as a safer alternative. In this case `name` comes from bdevname() which is disk_name() in block/partition-generic.c which is a snprintf, so we are guaranted null truncation from there and it should be OK, but I wanted to check and point it out. Anyway, thanks! -- Dominique
Powered by blists - more mailing lists