Hi, > On Saturday 05 of September 2009 08:25:01 Florian Zumbiehl wrote: > > Hi, > > > > > > diff --git a/libudev/libudev-util-private.c > > > > b/libudev/libudev-util-private.c index 64203a8..c309945 100644 > > > > --- a/libudev/libudev-util-private.c > > > > +++ b/libudev/libudev-util-private.c > > > > @@ -268,7 +268,7 @@ int util_run_program(struct udev *udev, const > > > > char *command, char **envp, pid_t pid; > > > > char arg[UTIL_PATH_SIZE]; > > > > char program[UTIL_PATH_SIZE]; > > > > - char *argv[(sizeof(arg) / 2) + 1]; > > > > + char *argv[sizeof(arg) + 1]; > > > > > > Could you give example when this overflows? > > > > UTIL_PATH_SIZE-1 spaces. > > > > Please try to understand what code you are fixing does. No, of course not. Now, what am I missing? I obviously do not understand much of how udev works, but if the code of this function is not somewhat pointless, then how would there not be a potential buffer overflow? Florian -- To unsubscribe from this list: send the line "unsubscribe linux-hotplug" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
