Re: SECURITY - data leakage due to incorrect strncpy implementation

From: Linus Torvalds (torvalds@osdl.org)
Date: Fri Jul 11 2003 - 17:44:58 EST

Next message: Francois Romieu: "[PATCH] Re: PATCH: Merge AD1889 driver from 2.4"
Previous message: Neil Brown: "Re: do_div vs sector_t"
In reply to: Alan Cox: "SECURITY - data leakage due to incorrect strncpy implementation"
Next in thread: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Reply: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11 Jul 2003, Alan Cox wrote:
>
> Lots of kernel drivers rely on the libc definition of strncpy.

But that's ok. We _do_ do the padding. I hated it when I wrote it, but as
far as I know, the kernel strncpy() has done padding pretty much since day
one.

Yes, strlcpy() conversion users need to be careful, but I think we mostly
_were_ careful. Knock wood.

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Francois Romieu: "[PATCH] Re: PATCH: Merge AD1889 driver from 2.4"
Previous message: Neil Brown: "Re: do_div vs sector_t"
In reply to: Alan Cox: "SECURITY - data leakage due to incorrect strncpy implementation"
Next in thread: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Reply: Alan Cox: "Re: SECURITY - data leakage due to incorrect strncpy implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Jul 15 2003 - 22:00:43 EST