Re: [patch] netrom: check that user string is terminated

From: Dan Carpenter <hidden>
Date: 2011-11-23 19:54:22
Also in: kernel-janitors, linux-hams

On Wed, Nov 23, 2011 at 07:12:49PM +0000, Ralf Baechle wrote:

On Wed, Nov 23, 2011 at 09:22:16AM +0100, walter harms wrote:

quoted

I am not sure that it does what you intends.
mnemonic is an array and a  malicious use may fill it upto the last char
causing strlen go beyond. perhaps this may help:

Correct, it makes thigs worse.  I'm going to reply in detail later tonight,
have to bail out now.

Ok.  I said in a different thread that I was going to redo these
using strnlen() but I'll wait to read your comments.

regards,
dan carpenter

Attachments

signature.asc [application/pgp-signature] 836 bytes

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help