| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jul 2011 11:15:35 +0300
From: Vitalii Demianets <vitas@...factor.kiev.ua>
To: Andy Gospodarek <andy@...yhouse.net>
Cc: netdev@...r.kernel.org, Takuma Umeya <tumeya@...hat.com>
Subject: Re: [PATCH net-next] bonding: fix strlen errors in sysfs
On Thursday 14 July 2011 04:57:45 Andy Gospodarek wrote:
> - if (strnicmp
> - (slave->dev->name, buf,
> - strlen(slave->dev->name)) == 0) {
> + int max_len = max(strlen(slave->dev->name),
> + strlen(buf) - 1);
> + if (strnicmp(slave->dev->name, buf, max_len) == 0) {
As for me there is no sense in preventing "address out of range" errors in
strnicmp by calculating length with strlen first. If there is missing \0 at
the end of the string you just shift failure point from stricmp to the strlen
function call.
IMHO "maximum length" argument in strnicmp should be some appropriate constant
instead. Alternatively we can use count:
if (strnicmp(slave->dev->name, buf, count) == 0) {
> - if (strnicmp
> - (slave->dev->name, buf,
> - strlen(slave->dev->name)) == 0) {
> + int max_len = max(strlen(slave->dev->name),
> + strlen(buf) - 1);
> + if (strnicmp(slave->dev->name, buf, max_len) == 0) {
Same here.
--
Vitalii
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists