| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <32182d4126fd49dabac4091b7a6c89e7@AcuMS.aculab.com>
Date: Thu, 2 Jul 2020 07:55:27 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Kars Mulder' <kerneldev@...smulder.nl>
CC: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Pavel Machek <pavel@....cz>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Kai-Heng Feng <kai.heng.feng@...onical.com>
Subject: RE: Writing to a const pointer: is this supposed to happen?
From: Kars Mulder
> Sent: 02 July 2020 00:03
> On Saturday, June 27, 2020 12:24 CEST, David Laight wrote:
> > The code quoted (using strset()) is almost certainly wrong.
> > The caller is unlikely to expect the input be modified.
> > Since it doesn't fault the string must be in read-write memory.
>
> I tried writing a patch that avoids the writing-to-const-pointer issue
> by using the less intrusive sscanf function instead of strsep. It might
> avoid a potential bug when somebody wrongly assumes that a
> kernel_param_ops.set function will not write to its const char* argument.
Hmm... sscanf() is also horrid.
Surprisingly difficult to use correctly.
It is usually best to use strchr() (and maybe str[c]scn())
to parse strings.
For numbers use whatever the kernels current 'favourite' implementation
of strtoul() is called.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists