At Mon, 22 Mar 2010 18:18:04 +0100,
walter harms wrote:
>
>
>
> Takashi Iwai schrieb:
> > At Mon, 22 Mar 2010 08:43:47 -0700,
> > Joe Perches wrote:
> >> On Mon, 2010-03-22 at 18:39 +0300, Dan Carpenter wrote:
> >>> card->driver is 15 characters and a NULL, the original code could
> >>> cause a buffer overflow.
> >>> In version 2, I used a better name that Takashi Iwai suggested.
> >> Perhaps it's better to use strncpy as well.
> >
> > strlcpy() would be safer :)
> >
> > But, in such a case, we want rather that the error is notified at
> > build time.
> >
> > Maybe a macro like below would be helpful to catch such bugs?
> >
> > #define COPY_STRING(buf, src) \
> > do { \
> > if (__builtin_constant_p(src)) \
> > BUILD_BUG_ON(strlen(src) >= sizeof(buf)); \
> > strcpy(buf, src); \
> > } while (0)
> >
> > and used like:
> >
> > struct foo {
> > char foo[5];
> > } x;
> >
> > COPY_STRING(x.foo, "OK"); // OK
> > COPY_STRING(x.foo, "1234567890"); // NG
> >
> >
> > Takashi
> > --
>
>
> did i miss something ?
Yes :)
> why not change card->driver int char * ? a simple card->driver="name"
> would solve the problem.
The length is fixed because it's used for ioctl.
Takashi
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
