Re: [PATCH] proc: Escape more characters in /proc/mounts output

From: Al Viro
Date: Tue Dec 15 2020 - 01:11:25 EST

Next message: Pawel Laszczak: "RE: [PATCH 1/2] usb: cdnsp: Fixes for sparse warnings"
Previous message: Guo Ren: "Re: [PATCH 1/2] futex: mark futex_detect_cmpxchg() as 'noinline'"
In reply to: Siddhesh Poyarekar: "[PATCH] proc: Escape more characters in /proc/mounts output"
Next in thread: Siddhesh Poyarekar: "Re: [PATCH] proc: Escape more characters in /proc/mounts output"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 15, 2020 at 09:54:54AM +0530, Siddhesh Poyarekar wrote:

> + get_user(byte, (const char __user *)data);
> +
> + return byte ? strndup_user(data, PATH_MAX) : NULL;
> }

No. Not to mention anything else, you
* fetch the same data twice
* fail to check the get_user() results

Next message: Pawel Laszczak: "RE: [PATCH 1/2] usb: cdnsp: Fixes for sparse warnings"
Previous message: Guo Ren: "Re: [PATCH 1/2] futex: mark futex_detect_cmpxchg() as 'noinline'"
In reply to: Siddhesh Poyarekar: "[PATCH] proc: Escape more characters in /proc/mounts output"
Next in thread: Siddhesh Poyarekar: "Re: [PATCH] proc: Escape more characters in /proc/mounts output"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]