| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f6dab965-b248-41e0-4cc2-06e140174f68@tycho.nsa.gov>
Date: Mon, 6 Jan 2020 15:49:16 -0500
From: Stephen Smalley <sds@...ho.nsa.gov>
To: liuyang34 <yangliuxm34@...il.com>,
Paul Moore <paul@...l-moore.com>,
Eric Paris <eparis@...isplace.org>, selinux@...r.kernel.org,
linux-kernel@...r.kernel.org
Cc: liuyang34 <liuyang34@...omi.com>
Subject: Re: [PATCH] selinuxfs: use scnprinft to get real length in
sel_read_class
On 1/5/20 8:56 PM, liuyang34 wrote:
> as the return value of snprintf maybe over the size of TMPBUFLEN,
> use scnprintf to instead of it
Is there a reason you didn't make the same change to sel_read_perm()?
>
> Signed-off-by: liuyang34 <liuyang34@...omi.com>
> ---
> security/selinux/selinuxfs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
> index ee94fa4..977c32d 100644
> --- a/security/selinux/selinuxfs.c
> +++ b/security/selinux/selinuxfs.c
> @@ -1672,7 +1672,7 @@ static ssize_t sel_read_class(struct file *file, char __user *buf,
> {
> unsigned long ino = file_inode(file)->i_ino;
> char res[TMPBUFLEN];
> - ssize_t len = snprintf(res, sizeof(res), "%d", sel_ino_to_class(ino));
> + ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_class(ino));
> return simple_read_from_buffer(buf, count, ppos, res, len);
> }
>
>
Powered by blists - more mailing lists