Re: SECURITY - data leakage due to incorrect strncpy implementation

From: Horst von Brand (vonbrand@inf.utfsm.cl)
Date: Sat Jul 12 2003 - 16:28:16 EST

Next message: Horst von Brand: "Re: Linux 2.5.75"
Previous message: Horst von Brand: "Re: Style question: Should one check for NULL pointers?"
Next in thread: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Reply: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alan Cox <alan@lxorguk.ukuu.org.uk> said:

[...]

> 2.5 you have problems all over the place from wrong strlcpy conversions,
> but those are easy enough to clean up before 2.6.0

Perhaps there should be a strncpy_touser() to make it crystal clear that it
_can't_ be "optimized" into strlcpy()

-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Horst von Brand: "Re: Linux 2.5.75"
Previous message: Horst von Brand: "Re: Style question: Should one check for NULL pointers?"
Next in thread: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Reply: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Jul 15 2003 - 22:00:46 EST