| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aBHYT27M1tRxNLRj@stanley.mountain>
Date: Wed, 30 Apr 2025 10:59:11 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Zhongkun He <hezhongkun.hzk@...edance.com>
Cc: akpm@...ux-foundation.org, hannes@...xchg.org, mhocko@...e.com,
yosry.ahmed@...ux.dev, muchun.song@...ux.dev, yuzhao@...gle.com,
linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH V3 2/3] mm: add max swappiness arg to lru_gen for
anonymous memory only
On Wed, Apr 09, 2025 at 03:06:19PM +0800, Zhongkun He wrote:
> + /* set by userspace for anonymous memory only */
> + if (!strncmp("max", swap_string, sizeof("max"))) {
This pattern of strncmp("foo", str, sizeof("foo")) is exactly the same
as strcmp(). It doesn't provide any additional security. The strncmp()
function is meant for matching string prefixes and it's a relatively
common bug to do this:
intended: if (strcmp(string, "prefix", sizeof("prefix") - 1) == 0) {
actual: if (strcmp(string, "prefix", sizeof("prefix")) == 0) {
I have a static checker warning for these:
https://lore.kernel.org/all/30210ed77b40b4b6629de659cb56b9ec7832c447.1744452787.git.dan.carpenter@linaro.org/
If people deliberately misuse the function then it makes it trickier
to tell accidental mistakes from deliberate mistakes.
regards,
dan carpenter
Powered by blists - more mailing lists