On Mon, Oct 03, 2016 at 10:05:03PM +0200, Tobias Stoeckmann wrote:
> A strlen() call can lead to out of boundary read access if the
> superblock in question has no nul-bytes after the string. This
> could be avoided by using strnlen() but the calls in question
> merely existed to check if the string length is not 0.
>
> By changing the calls as proposed with this diff, these files are
> in sync with other superblock files, which do exactly the same.
> ---
> libblkid/src/superblocks/befs.c | 2 +-
> libblkid/src/superblocks/ext.c | 2 +-
> libblkid/src/superblocks/jfs.c | 2 +-
> libblkid/src/superblocks/nilfs.c | 2 +-
> libblkid/src/superblocks/romfs.c | 2 +-
> libblkid/src/superblocks/xfs.c | 2 +-
> 6 files changed, 6 insertions(+), 6 deletions(-)
Applied, thanks.
> diff --git a/libblkid/src/superblocks/befs.c b/libblkid/src/superblocks/befs.c
> index 7e9eaf6..36e079f 100644
> --- a/libblkid/src/superblocks/befs.c
> +++ b/libblkid/src/superblocks/befs.c
> @@ -451,7 +451,7 @@ static int probe_befs(blkid_probe pr, const struct blkid_idmag *mag)
> /*
> * all checks pass, set LABEL, VERSION and UUID
> */
> - if (strlen(bs->name))
> + if (*bs->name != '\0')
Good catch, I hate it too. BTW, you can use
if (*bs->name)
it's enough.
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
http://karelzak.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
