lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f930f25a-01ea-38fe-749d-8917ada042dd@oracle.com>
Date:   Wed, 6 Dec 2017 08:36:08 -0800
From:   Santosh Shilimkar <santosh.shilimkar@...cle.com>
To:     Sowmini Varadhan <sowmini.varadhan@...cle.com>,
        Prashant Bhole <bhole_prashant_q7@....ntt.co.jp>
Cc:     "David S . Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
        linux-rdma@...r.kernel.org, rds-devel@....oracle.com
Subject: Re: [PATCH net-next] rds: debug: fix null check on static array

On 12/6/2017 3:32 AM, Sowmini Varadhan wrote:
> On (12/06/17 10:47), Prashant Bhole wrote:
>>
>> t_name cannot be NULL since it is an array field of a struct.
>> Replacing null check on static array with string length check using
>> strnlen()
> 
> t_name is always initialized for all rds transports today,  and would
> be all zeros unless someone stomped over that memory (in which case
> there could be more serious issues than a busted debug string) but
> it's good  to be safe and check I suppose.

Thanks Sowmini !!

Acked-by: Santosh Shilimkar <santosh.shilimkar@...cle.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ