On Thu, 31 Oct 2024 02:41:18 -0700 Breno Leitao wrote:
> > Should we mention here that KASAN or some such is needed to catch
> > the bugs? Chances are the resulting UAF will not crash and go unnoticed
> > without KASAN.
>
> What about adding something like this in the fail_skb_realloc section in
> the fault-injection.rst file:

SG

> > the buffer needs to be null terminated, like:
> >
> > skb_realloc.devname[IFNAMSIZ - 1] = '\0';
> >
> > no?
>
> Yes, but isn't it what the next line does, with strim()?

I could be wrong, but looks like first thing strim does is call
strlen()
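
An added example, not part of the original message or of the patch under review: a userspace model of the ordering discussed above, where the buffer is terminated before a trim helper that begins with strlen(). trim_model() and store_devname() are hypothetical names, the zeroing of the buffer is an assumption made here, and the inputs in main() are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define IFNAMSIZ 16 /* same value as the kernel constant */

/* Stand-in for a strim()-style helper. It measures the string with
 * strlen() first, so an unterminated buffer is read past its end. */
static char *trim_model(char *s)
{
	size_t size = strlen(s);

	while (size && isspace((unsigned char)s[size - 1]))
		size--;
	s[size] = '\0';
	while (isspace((unsigned char)*s))
		s++;
	return s;
}

/* Hypothetical write handler: copy at most IFNAMSIZ bytes of untrusted
 * input, terminate, then trim. Returns the trimmed name inside dst. */
char *store_devname(char dst[IFNAMSIZ], const char *src, size_t len)
{
	if (len > IFNAMSIZ)
		len = IFNAMSIZ;
	memset(dst, 0, IFNAMSIZ);   /* assumption: buffer starts zeroed */
	memcpy(dst, src, len);
	/* The line proposed in the thread: without it, a full
	 * IFNAMSIZ-byte write leaves no NUL for strlen() to stop at. */
	dst[IFNAMSIZ - 1] = '\0';
	return trim_model(dst);
}

int main(void)
{
	char buf[IFNAMSIZ];

	/* Constructed inputs: a normal name, then a 16-byte write with no NUL. */
	printf("[%s]\n", store_devname(buf, "eth0\n", 5));
	printf("[%s]\n", store_devname(buf, "abcdefghijklmnop", 16));
	return 0;
}
```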