On Tue, 9 Jan 2018 17:55:47 +0800 changbin.du@xxxxxxxxx wrote: > From: Changbin Du <changbin.du@xxxxxxxxx> > > The parser parse every string into parser.buffer. And some of the callers > assume that parser.buffer contains a C string. So it is dangerous that the > parser returns a unterminated string. The userspace can leverage this to > attack the kernel. Is this only a bug if we apply your first patch? -- Steve