Re: [PATCH v2] libmount: Fix access to uninitialised value in mnt_optstr_locate_option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hey Karel,

Thanks for your patch, the changes look good to me!

I have one small follow-up question though. You added the following
sentence to the documentation for mnt_match_options():

> The alone "no" is error and all matching ends with False.

I believe this to be a good change. However, If my understanding of
this documentation comment is correct I would have expected

	mnt_match_options("bla", "no,,")

to return False as well but to my surprise it actually returns True. I
understand that this is an edge case but is that intended? Maybe the ","
should be treated as an terminating character for the "no" as well (i.e.
in addition to the null byte)?

diff --git a/libmount/src/optstr.c b/libmount/src/optstr.c
index 4fbbb0859..a0056c767 100644
--- a/libmount/src/optstr.c
+++ b/libmount/src/optstr.c
@@ -865,7 +865,7 @@ int mnt_match_options(const char *optstr, const char *pattern)
 			name++, namesz--;
 		else if ((no = (startswith(name, "no") != NULL))) {
 			name += 2, namesz -= 2;
-			if (!*name) {
+			if (!*name || *name == ',') {
 				match = 0;
 				break;	/* alone "no" keyword is error */
 			}

With this patch applied it also returns False for the "no,," pattern.

Greetings,
Sören

Karel Zak <kzak@xxxxxxxxxx> wrote:
> On Sat, Feb 25, 2023 at 02:40:52PM +0100, Sören Tempel wrote:
> > This solution also has the issue that it handles the case incorrectly
> > where xstrncpy actually calls strlen(3). I wanted to avoid that but
> > maybe the best solution is to just change the xstrncpy API in a way that
> > it indicates whether it has written anything through an int return
> > value?
> 
> The best will be to avoid all the buffer, xstrndup(), and         
> mnt_optstr_get_option() using if the options string or the pattern is   
> empty.  It's unnecessary because we know that mnt_optstr_get_option()
> will return nothing.
> 
> I have committed
> https://github.com/util-linux/util-linux/commit/06ee5267516761721ebfbdfa313980cef8e54c66
> 
> > Sorry for all the noise. Next time, I will just write a bug report...
> 
> That's no problem. We should be friendly to people who invest time to
> report bugs and write code ;-)
> 
>     Karel




[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux