diff for duplicates of <20180722091347.1faa81f0@archlinux> diff --git a/a/1.txt b/N1/1.txt index 5b1322b..c1c83c2 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -3,38 +3,37 @@ Dominique Martinet <asmadeus@codewreck.org> wrote: > Jonathan Cameron wrote on Sun, Jul 15, 2018: > > On Fri, 13 Jul 2018 03:25:34 +0200 -> > Dominique Martinet <asmadeus@codewreck.org> wrote: =20 +> > Dominique Martinet <asmadeus@codewreck.org> wrote: > > > Generated by scripts/coccinelle/misc/strncpy_truncation.cocci -> > >=20 -> > > Signed-off-by: Dominique Martinet <asmadeus@codewreck.org> =20 -> >=20 +> > > +> > > Signed-off-by: Dominique Martinet <asmadeus@codewreck.org> +> > > > Applied to the togreg branch of iio.git and pushed out as testing -> > for the autobuilders to play with it. =20 ->=20 +> > for the autobuilders to play with it. +> > Thanks! ->=20 +> > I have been pointed out that strlcpy, unlike strncpy, will read past the -> size given in the input string and thus is Bad=E2=84=A2 if the input stri= -ng is +> size given in the input string and thus is Bad™ if the input string is > not nul terminated. ->=20 +> > After taking the time to check I believe this should not happen as the > original name seems to come from a dentry's d_name after proper > preparation (a buffer is allocated precisely for this purpose), but it > will not hurt to wait for that version. ->=20 ->=20 +> +> > The second reason I was waiting is that I intended to check for each > patch if it is safe to not pad the end of the string with zeroes (to > avoid e.g. information leaks) and that seems OK as well here after a > quick check but I wouldn't trust my own eyes this late so I'll let you > be judge of that if you feel like taking v1 anyway. ->=20 +> > Otherwise, I'll recheck properly and submit a v2 with strscpy and a > better commit message after the coccinelle script is taken for inclusion > and doing a better check but this might take a while longer. ->=20 ->=20 +> +> > Thanks, In this particular case I'm fairly sure it is safe so I'll leave it as is. diff --git a/a/content_digest b/N1/content_digest index 4c9413c..4b83c47 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -20,38 +20,37 @@ "\n" "> Jonathan Cameron wrote on Sun, Jul 15, 2018:\n" "> > On Fri, 13 Jul 2018 03:25:34 +0200\n" - "> > Dominique Martinet <asmadeus@codewreck.org> wrote: =20\n" + "> > Dominique Martinet <asmadeus@codewreck.org> wrote: \n" "> > > Generated by scripts/coccinelle/misc/strncpy_truncation.cocci\n" - "> > >=20\n" - "> > > Signed-off-by: Dominique Martinet <asmadeus@codewreck.org> =20\n" - "> >=20\n" + "> > > \n" + "> > > Signed-off-by: Dominique Martinet <asmadeus@codewreck.org> \n" + "> > \n" "> > Applied to the togreg branch of iio.git and pushed out as testing\n" - "> > for the autobuilders to play with it. =20\n" - ">=20\n" + "> > for the autobuilders to play with it. \n" + "> \n" "> Thanks!\n" - ">=20\n" + "> \n" "> I have been pointed out that strlcpy, unlike strncpy, will read past the\n" - "> size given in the input string and thus is Bad=E2=84=A2 if the input stri=\n" - "ng is\n" + "> size given in the input string and thus is Bad\342\204\242 if the input string is\n" "> not nul terminated.\n" - ">=20\n" + "> \n" "> After taking the time to check I believe this should not happen as the\n" "> original name seems to come from a dentry's d_name after proper\n" "> preparation (a buffer is allocated precisely for this purpose), but it\n" "> will not hurt to wait for that version.\n" - ">=20\n" - ">=20\n" + "> \n" + "> \n" "> The second reason I was waiting is that I intended to check for each\n" "> patch if it is safe to not pad the end of the string with zeroes (to\n" "> avoid e.g. information leaks) and that seems OK as well here after a\n" "> quick check but I wouldn't trust my own eyes this late so I'll let you\n" "> be judge of that if you feel like taking v1 anyway.\n" - ">=20\n" + "> \n" "> Otherwise, I'll recheck properly and submit a v2 with strscpy and a\n" "> better commit message after the coccinelle script is taken for inclusion\n" "> and doing a better check but this might take a while longer.\n" - ">=20\n" - ">=20\n" + "> \n" + "> \n" "> Thanks,\n" "\n" "In this particular case I'm fairly sure it is safe so I'll leave it as is.\n" @@ -60,4 +59,4 @@ "\n" Jonathan -09c1d334e0f958fef1c4ac4e43c34ef4ac175222ec2916c7bfbf5a4aa84389b0 +b81330ea8611c03225c96d7c98da9d65825811c546e07450be8c63a0c198e95e
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.