Re: [PATCH 3/4] security/selinux: decrement sizeof size in strncmp

From: James Morris
Date: Thu Nov 12 2009 - 16:42:15 EST


On Thu, 12 Nov 2009, Casey Schaufler wrote:

> I strongly suggest that this is not what is wanted.
> strcmp(x,y)
> and
> strncmp(x,y,sizeof(y))
>
> are functionally equivalent and strcmp has a bad reputation in
> the security community because it is associated with potential
> buffer overrun issues.

Do you see potential for a buffer overrun in this case?

The strings being compared are "sysfs" and the name field of 'struct
file_system_type'. The kernel code elsewhere assumes the latter string to
be a valid zero-terminated string, and we should, too.


- James
--
James Morris
<jmorris@xxxxxxxxx>
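The comparison forms discussed in this thread, as an added userspace C example that is not code from the patch or from the kernel: it compares a name against "sysfs" with strcmp, with strncmp bounded by sizeof("sysfs"), and with that bound decremented by one. The struct fs_type_example type and the sample names are constructed stand-ins for the name field of 'struct file_system_type'.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the name field of struct file_system_type. */
struct fs_type_example {
    const char *name;   /* assumed to be a valid NUL-terminated string */
};

/* Exact match; relies on name being NUL-terminated. */
static int match_strcmp(const char *name)
{
    return strcmp(name, "sysfs") == 0;
}

/* sizeof("sysfs") is 6, so the terminating NUL is compared as well:
 * the result is the same exact match as strcmp. */
static int match_strncmp_sizeof(const char *name)
{
    return strncmp(name, "sysfs", sizeof("sysfs")) == 0;
}

/* sizeof("sysfs") - 1 is 5, so the NUL is not compared:
 * any name that merely starts with "sysfs" matches. */
static int match_strncmp_sizeof_minus_1(const char *name)
{
    return strncmp(name, "sysfs", sizeof("sysfs") - 1) == 0;
}

int main(void)
{
    /* Constructed sample names. */
    static const struct fs_type_example samples[] = {
        { "sysfs" }, { "sysfs2" }, { "sys" }, { "proc" },
    };
    size_t i;

    printf("%-8s %-7s %-12s %s\n", "name", "strcmp", "strncmp(6)", "strncmp(5)");
    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        const char *n = samples[i].name;
        printf("%-8s %-7d %-12d %d\n", n, match_strcmp(n),
               match_strncmp_sizeof(n), match_strncmp_sizeof_minus_1(n));
    }
    return 0;
}
```

The sizeof bound only has this meaning when its operand is a string literal or a char array; applied to a char pointer it yields the pointer size instead.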