On Mon, 2014-06-30 at 15:23 -0700, Luis R. Rodriguez wrote: > On Mon, Jun 23, 2014 at 11:43:06AM +0200, Johannes Berg wrote: > > On Wed, 2014-06-11 at 10:23 +0300, Arik Nemtsov wrote: > > > From: Eliad Peller <eliad@xxxxxxxxxx> > > > > > > alpha2 is defined as 2-chars array, but is used in multiple > > > places as string (e.g. with nla_put_string calls), which > > > might leak kernel data. > > > > > > Solve it by simply adding an extra char for the NULL > > > terminator, making such operations safe. > > > > I'm beginning to think that it would make more sense to just not use > > nla_put_string()? > > If the reason for adding the check was because of a new use case > then yes, but other than that are there other reasons you were > considering? This was never intended to be a string, only 2 characters ... so why use it with string functions? johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html