On Mon, Jun 23, 2014 at 11:43:06AM +0200, Johannes Berg wrote: > On Wed, 2014-06-11 at 10:23 +0300, Arik Nemtsov wrote: > > From: Eliad Peller <eliad@xxxxxxxxxx> > > > > alpha2 is defined as 2-chars array, but is used in multiple > > places as string (e.g. with nla_put_string calls), which > > might leak kernel data. > > > > Solve it by simply adding an extra char for the NULL > > terminator, making such operations safe. > > I'm beginning to think that it would make more sense to just not use > nla_put_string()? If the reason for adding the check was because of a new use case then yes, but other than that are there other reasons you were considering? Luis -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
