| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3986-5ef09780-43-189d6180@550955>
Date: Mon, 22 Jun 2020 13:35:35 +0200
From: "Kars Mulder" <kerneldev@...smulder.nl>
To: linux-kernel@...r.kernel.org
Subject: Writing to a const pointer: is this supposed to
happen?
In the file drivers/usb/core/quirks.c, I noticed a couple of odd things about the function "quirks_param_set", and I'd like to check whether those are ok according to the kernel programming practices. Here are the relevant lines from the function (several lines omitted):
static int quirks_param_set(const char *val, const struct kernel_param *kp) {
char *p, *field;
for (i = 0, p = (char *)val; p && *p;) {
field = strsep(&p, ":");
if (!field)
break;
In here a const pointer *val is cast into a non-const pointer and then written to by the function strsep, which replaces the first occurrence of the ':' token by a null-byte. Is this allowed?
On a minor side note, this function immediately checks whether the first call to strsep(&p, ":") returned a nullpointer. From what I can learn from the documentation, strsep always returns what *&p was when the strsep was called, and p is verified to be nonzero in the loop condition right before the call to strsep. Is this check actually necessary? Is it a good idea to add a return-value check anyway even if it is not necessary, as an abundance of caution?
Powered by blists - more mailing lists