lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 19 Feb 2024 10:28:13 +0000
From: David Howells <dhowells@...hat.com>
To: Daniil Dulov <d.dulov@...ddin.ru>
Cc: dhowells@...hat.com, Jeffrey E Altman <jaltman@...istor.com>,
    linux-afs@...ts.infradead.org,
    Marc Dionne <marc.dionne@...istor.com>, linux-kernel@...r.kernel.org,
    lvc-project@...uxtesting.org
Subject: Re: [PATCH v2] afs: Increase buffer size in afs_update_volume_status()

Daniil Dulov <d.dulov@...ddin.ru> wrote:

> The max length of volume->vid value is 20 characters.
> So increase idbuf[] size up to 20 to avoid overflow.

Is that 20 including the NUL?  If not, I'd increase it to 24 (it's likely to
get rounded up to a multiple of 4 or 8 by the compiler).

David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ