lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20171206113211.GA8331@oracle.com>
Date:   Wed, 6 Dec 2017 06:32:11 -0500
From:   Sowmini Varadhan <sowmini.varadhan@...cle.com>
To:     Prashant Bhole <bhole_prashant_q7@....ntt.co.jp>
Cc:     "David S . Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
        Santosh Shilimkar <santosh.shilimkar@...cle.com>,
        linux-rdma@...r.kernel.org, rds-devel@....oracle.com
Subject: Re: [PATCH net-next] rds: debug: fix null check on static array

On (12/06/17 10:47), Prashant Bhole wrote:
> 
> t_name cannot be NULL since it is an array field of a struct.
> Replacing null check on static array with string length check using
> strnlen()

t_name is always initialized for all rds transports today,  and would
be all zeros unless someone stomped over that memory (in which case
there could be more serious issues than a busted debug string) but
it's good  to be safe and check I suppose.

Acked-by: Sowmini Varadhan <sowmini.varadhan@...cle.com>

--Sowmini

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ