| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <48a250ba23394bdba024cd493717cb55@AcuMS.aculab.com>
Date: Wed, 24 Jul 2019 09:07:58 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Stephen Hemminger' <stephen@...workplumber.org>,
Jiri Pirko <jiri@...nulli.us>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"sthemmin@...rosoft.com" <sthemmin@...rosoft.com>,
"dsahern@...il.com" <dsahern@...il.com>,
"alexanderk@...lanox.com" <alexanderk@...lanox.com>,
"mlxsw@...lanox.com" <mlxsw@...lanox.com>
Subject: RE: [patch iproute2 1/2] tc: action: fix crash caused by incorrect
*argv check
From: Stephen Hemminger
> Sent: 23 July 2019 18:54
>
> On Tue, 23 Jul 2019 13:25:37 +0200
> Jiri Pirko <jiri@...nulli.us> wrote:
>
> > From: Jiri Pirko <jiri@...lanox.com>
> >
> > One cannot depend on *argv being null in case of no arg is left on the
> > command line. For example in batch mode, this is not always true. Check
> > argc instead to prevent crash.
Hmmm... expecting the increments of argv and decrements of argc to match
it probably wishful thinking....
A lot of parsers don't even look at argc.
> Actually makeargs does NULL terminate the last arg so what input
> to batchmode is breaking this?
The 'usual' problem is an extra increment of argv because the last entry
was something that 'eats' two or more entries.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists