________________________________________ Von: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Gesendet: Dienstag, 10. März 2020 10:06 An: Walter Harms Cc: Tigran A. Aivazian; linux-kernel@xxxxxxxxxxxxxxx; kernel-janitors@xxxxxxxxxxxxxxx Betreff: Re: [PATCH] bfs: prevent underflow in bfs_find_entry() On Mon, Mar 09, 2020 at 08:40:28AM +0000, Walter Harms wrote: > hi Dan, > the namelen usage is fishy. It goes into bfs_namecmp() > where it is checked for namelen < BFS_NAMELEN, leaving > only the case ==. The rule in bfs_namecmp() is that the name has to be NUL terminated if there is enough space. that raises the question why is there a len paramter in the first place. Surely the writer can make sure that there is always a NUL terminated string, then it would be possible the use a simple strcmp() and the range check is useless and can be removed. seems a question for the maintainer. re, wh
