On Fri, Feb 5, 2016 at 2:46 AM, David Laight <David.Laight@xxxxxxxxxx> wrote: > From: Kees Cook >> Sent: 04 February 2016 21:01 >> Some callers of strtobool were passing a pointer to unterminated strings. >> In preparation of adding multi-character processing to kstrtobool, update >> the callers to not pass single-character pointers, and switch to using the >> new kstrtobool_from_user helper where possible. > > Personally I think you should change the name of the function so that the > compiler (and linker) will pick up places that have not been changed. > Relying on people to make the required changes will cause problems. After the single-character users were pointed out, I looked for others and there aren't any. > The current code (presumably) treats "no", "nyet" and "nkjkkrkjrkjterkj" as false. > Changing that behaviour will break things. There's no change there. All three of those will still be "false". Perhaps my changelog shouldn't say "unterminated" but rather "character array". > If you want to support "on" and "off", then maybe check for the supplied string > starting with the character sequences "on\0" and "off\0" (as well as any others). > This doesn't need the input string be '\0' terminated - since you match y and n > without looking at the 2nd byte. > You'd have to be extremely unlucky to get a page fault in the 3 bytes > following an 'o' if the caller supplied a single byte buffer. I'd prefer to keep the switch statement as short as possible, and I don't want to do full string compares. And as you say, even fixing the single-byte callers seems like a needless exercise, but seeing as how it's a net clean-up, I think it's good they way I've got the series. -Kees -- Kees Cook Chrome OS & Brillo Security -- To unsubscribe from this list: send the line "unsubscribe linux-s390" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
