lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c6bdd0651da37fc6be56c269942eaf2f.pc@manguebit.com>
Date:   Sun, 25 Jun 2023 13:58:45 -0300
From:   Paulo Alcantara <pc@...guebit.com>
To:     David Laight <David.Laight@...LAB.COM>,
        'Rishabh Bhatnagar' <risbhat@...zon.com>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        "pc@....nz" <pc@....nz>
Cc:     "stable@...r.kernel.org" <stable@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-cifs@...r.kernel.org" <linux-cifs@...r.kernel.org>,
        Aurelien Aptel <aaptel@...e.com>,
        Steve French <stfrench@...rosoft.com>
Subject: RE: [PATCH 5.4 2/5] cifs: Get rid of kstrdup_const()'d paths

David Laight <David.Laight@...LAB.COM> writes:

> From: Rishabh Bhatnagar
>> Sent: 23 June 2023 22:34
>> From: "Paulo Alcantara (SUSE)" <pc@....nz>
>> 
>> commit 199c6bdfb04b71d88a7765e08285885fbca60df4 upstream.
>> 
>> The DFS cache API is mostly used with heap allocated strings.
>> 
> ...
>> -	ce->path = kstrdup_const(path, GFP_KERNEL);
>> +	ce->path = kstrndup(path, strlen(path), GFP_KERNEL);
>
> That is entirely brain-dead.

Yep.  It's got fixed up later by

        8d7672235533 ("cifs: don't cargo-cult strndup()")

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ