lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20130127.203900.315969902013911354.davem@davemloft.net>
Date:	Sun, 27 Jan 2013 20:39:00 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	dan.carpenter@...cle.com
Cc:	samuel@...tiz.org, netdev@...r.kernel.org,
	kernel-janitors@...r.kernel.org
Subject: Re: [patch] irda: buffer overflow in irnet_ctrl_read()

From: Dan Carpenter <dan.carpenter@...cle.com>
Date: Fri, 25 Jan 2013 09:40:56 +0300

> The comments here say that the /* Max event is 61 char */ but in 2003 we
> changed the event format and now the max event size is 75.  The longest
> event is:
> 
> 	"Discovered %08x (%s) behind %08x {hints %02X-%02X}\n",
>          12345678901    23  456789012    34567890    1    2 3
> 	            +8    +21        +8          +2   +2     +1
>          = 75 characters.
> 
> There was a check to return -EOVERFLOW if the user gave us a "count"
> value that was less than 64.  Raising it to 75 might break backwards
> compatability.  Instead I removed the check and now it returns a
> truncated string if "count" is too low.
> 
> Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>

Applied to net-next, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ