| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_7078297303BC2446F7663763C6D773640305@qq.com>
Date: Thu, 11 Apr 2024 20:13:37 +0800
From: Edward Adam Davis <eadavis@...com>
To: eadavis@...com
Cc: andrii@...nel.org,
ast@...nel.org,
bpf@...r.kernel.org,
daniel@...earbox.net,
haoluo@...gle.com,
john.fastabend@...il.com,
jolsa@...nel.org,
kpsingh@...nel.org,
linux-kernel@...r.kernel.org,
martin.lau@...ux.dev,
sdf@...gle.com,
song@...nel.org,
syzbot+9b8be5e35747291236c8@...kaller.appspotmail.com,
syzkaller-bugs@...glegroups.com,
yonghong.song@...ux.dev
Subject: Re: [PATCH] bpf: fix uninit-value in strnchr
on Wed, 10 Apr 2024 08:28:01 +0800, Edward Adam Davis
> > * Note that the %NUL-terminator is considered part of the string, and can
> > * be searched for.
> > */
> > char *strnchr(const char *s, size_t count, int c)
> lib/string.c
> 9 /**
> 8 * strnchr - Find a character in a length limited string
> 7 * @s: The string to be searched
> 6 * @count: The number of characters to be searched
> 5 * @c: The character to search for
> 4 *
> 3 * Note that the %NUL-terminator is considered part of the string, and can
> 2 * be searched for.
> 1 */
> 384 char *strnchr(const char *s, size_t count, int c)
> 1 {
> 2 while (count--) {
> 3 if (*s == (char)c) // Only when the length of s is 1, can NUL char be obtained
> 4 return (char *)s;
> 5 if (*s++ == '\0') // When the length of s is greater than 1, the loop will terminate and return NULL, without obtaining a pointer to a NUL char
> 6 break;
> 7 }
> 8 return NULL;
> 9 }
My comments is wrong, strnchr() work well.
> >
> >
> > > return -EINVAL;
> > > fmt_size = fmt_end - fmt;
Powered by blists - more mailing lists