On Thu, Aug 05, 2010 at 06:08:08PM +0800, Changli Gao wrote: > On Thu, Aug 5, 2010 at 5:38 PM, Dan Carpenter <error27@xxxxxxxxx> wrote: > > The main motivation of this patch changing strcpy() to strlcpy(). > > We strcpy() to copy a 48 byte buffers into a 49 byte buffers. So at > > best the last byte has leaked information, or maybe there is an > > overflow? Anyway, this patch closes the information leaks by zeroing > > the memory and the calls to strlcpy() prevent overflows. > > strlcpy() can handle the terminator NUL. so you don't need to zero it. If there are no NUL chars in "rcvmsg->msg_data.byte_array" then strlcpy() is sufficient, but if there is a NUL character then you need to zero the memory. The patch handles both possibilities. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
