| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTi=8ThVqTHpQmDfoon02C-VZ0JwBRtSrU7dzvvNt@mail.gmail.com> Date: Thu, 5 Aug 2010 19:02:06 +0800 From: Changli Gao <xiaosuo@...il.com> To: Dan Carpenter <error27@...il.com> Cc: Karsten Keil <isdn@...ux-pingi.de>, netdev@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: Re: [patch] isdn: fix information leak On Thu, Aug 5, 2010 at 6:19 PM, Dan Carpenter <error27@...il.com> wrote: > On Thu, Aug 05, 2010 at 06:08:08PM +0800, Changli Gao wrote: >> On Thu, Aug 5, 2010 at 5:38 PM, Dan Carpenter <error27@...il.com> wrote: >> > The main motivation of this patch changing strcpy() to strlcpy(). >> > We strcpy() to copy a 48 byte buffers into a 49 byte buffers. So at >> > best the last byte has leaked information, or maybe there is an >> > overflow? Anyway, this patch closes the information leaks by zeroing >> > the memory and the calls to strlcpy() prevent overflows. >> >> strlcpy() can handle the terminator NUL. so you don't need to zero it. > > If there are no NUL chars in "rcvmsg->msg_data.byte_array" then strlcpy() > is sufficient, but if there is a NUL character then you need to zero the > memory. The patch handles both possibilities. > the second parameter of strlcpy() must a NUL terminated C string. I think you means strncpy(). FYI: http://lxr.linux.no/#linux+v2.6.35/lib/string.c#L146 http://lxr.linux.no/#linux+v2.6.35/lib/string.c#L119 -- Regards, Changli Gao(xiaosuo@...il.com) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists