Re: Modprobe local root exploit

From: Daniel Phillips (news-innominate.list.linux.kernel@innominate.de)
Date: Tue Nov 14 2000 - 06:29:41 EST

Next message: Samium Gromoff: "2.4.0-test9/PPPD2.4.0-release"
Previous message: Keith Owens: "Re: Modprobe local root exploit"
In reply to: Peter Samuelson: "Re: Modprobe local root exploit"
Next in thread: Daniel Phillips: "Re: Modprobe local root exploit"
Reply: Daniel Phillips: "Re: Modprobe local root exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Peter Samuelson wrote:
>
> [Torsten Duwe]
> > >>>>> "Francis" == Francis Galiegue <fg@mandrakesoft.com> writes:
> >
> > >> + if ((*p & 0xdf) >= 'a' && (*p & 0xdf) <= 'z') continue;
> >
> > Francis> Just in case... Some modules have uppercase letters too :)
> >
> > That's what the &0xdf is intended for...
>
> It's wrong, then: you've converted to uppercase, not lowercase.
>
> request_module is not a fast path. Do it the obvious, unoptimized way:
>
> if ((*p < 'a' || *p > 'z') &&
> (*p < 'A' || *p > 'Z') &&
> (*p < '0' || *p > '9') &&
> *p != '-' && *p != '_')
> return -EINVAL;

Heading in the right direction, but this is equivalent to:

if (isalnum(*p) && *p != '-' && *p != '_') return -EINVAL;

which is faster, smaller and easier to read.

--
Daniel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Samium Gromoff: "2.4.0-test9/PPPD2.4.0-release"
Previous message: Keith Owens: "Re: Modprobe local root exploit"
In reply to: Peter Samuelson: "Re: Modprobe local root exploit"
Next in thread: Daniel Phillips: "Re: Modprobe local root exploit"
Reply: Daniel Phillips: "Re: Modprobe local root exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Nov 15 2000 - 21:00:25 EST