Re: [patch] netrom: check that user string is terminated

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Nov 23, 2011 at 07:12:49PM +0000, Ralf Baechle wrote:
> On Wed, Nov 23, 2011 at 09:22:16AM +0100, walter harms wrote:
> 
> > I am not sure that it does what you intends.
> > mnemonic is an array and a  malicious use may fill it upto the last char
> > causing strlen go beyond. perhaps this may help:
> 
> Correct, it makes thigs worse.  I'm going to reply in detail later tonight,
> have to bail out now.
> 

Ok.  I said in a different thread that I was going to redo these
using strnlen() but I'll wait to read your comments.

regards,
dan carpenter

Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux