* [patch] kgdb: strlen() doesn't count the terminator
@ 2010-07-10 9:29 Dan Carpenter
2010-12-09 11:28 ` Dan Carpenter
0 siblings, 1 reply; 3+ messages in thread
From: Dan Carpenter @ 2010-07-10 9:29 UTC (permalink / raw)
To: kernel-janitors
This is an off by one because strlen() doesn't count the null
terminator. We strcpy() these strings into an array of size
MAX_CONFIG_LEN.
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/drivers/misc/kgdbts.c b/drivers/misc/kgdbts.c
index 7245023..799ea0a 100644
--- a/drivers/misc/kgdbts.c
+++ b/drivers/misc/kgdbts.c
@@ -988,7 +988,7 @@ static void kgdbts_run_tests(void)
static int kgdbts_option_setup(char *opt)
{
- if (strlen(opt) > MAX_CONFIG_LEN) {
+ if (strlen(opt) >= MAX_CONFIG_LEN) {
printk(KERN_ERR "kgdbts: config string too long\n");
return -ENOSPC;
}
diff --git a/drivers/serial/kgdboc.c b/drivers/serial/kgdboc.c
index a9a94ae..ba7b7c6 100644
--- a/drivers/serial/kgdboc.c
+++ b/drivers/serial/kgdboc.c
@@ -70,7 +70,7 @@ static void kgdboc_unregister_kbd(void)
static int kgdboc_option_setup(char *opt)
{
- if (strlen(opt) > MAX_CONFIG_LEN) {
+ if (strlen(opt) >= MAX_CONFIG_LEN) {
printk(KERN_ERR "kgdboc: config string too long\n");
return -ENOSPC;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [patch] kgdb: strlen() doesn't count the terminator
2010-07-10 9:29 [patch] kgdb: strlen() doesn't count the terminator Dan Carpenter
@ 2010-12-09 11:28 ` Dan Carpenter
2010-12-14 4:50 ` Jason Wessel
0 siblings, 1 reply; 3+ messages in thread
From: Dan Carpenter @ 2010-12-09 11:28 UTC (permalink / raw)
To: Jason Wessel
Cc: Paul Mundt, Geert Uytterhoeven, linux-kernel, kgdb-bugreport,
Tilman Sauerbeck, kernel-janitors
This is an off by one because strlen() doesn't count the null
terminator. We strcpy() these strings into an array of size
MAX_CONFIG_LEN.
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/drivers/misc/kgdbts.c b/drivers/misc/kgdbts.c
index 59c118c..27dc463 100644
--- a/drivers/misc/kgdbts.c
+++ b/drivers/misc/kgdbts.c
@@ -988,7 +988,7 @@ static void kgdbts_run_tests(void)
static int kgdbts_option_setup(char *opt)
{
- if (strlen(opt) > MAX_CONFIG_LEN) {
+ if (strlen(opt) >= MAX_CONFIG_LEN) {
printk(KERN_ERR "kgdbts: config string too long\n");
return -ENOSPC;
}
diff --git a/drivers/serial/kgdboc.c b/drivers/serial/kgdboc.c
index 3374618..ec1748b 100644
--- a/drivers/serial/kgdboc.c
+++ b/drivers/serial/kgdboc.c
@@ -130,7 +130,7 @@ static void kgdboc_unregister_kbd(void)
static int kgdboc_option_setup(char *opt)
{
- if (strlen(opt) > MAX_CONFIG_LEN) {
+ if (strlen(opt) >= MAX_CONFIG_LEN) {
printk(KERN_ERR "kgdboc: config string too long\n");
return -ENOSPC;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [patch] kgdb: strlen() doesn't count the terminator
2010-12-09 11:28 ` Dan Carpenter
@ 2010-12-14 4:50 ` Jason Wessel
0 siblings, 0 replies; 3+ messages in thread
From: Jason Wessel @ 2010-12-14 4:50 UTC (permalink / raw)
To: Dan Carpenter, Jason Wessel, Paul Mundt, Geert Uytterhoeven,
linux-kernel, kgdb-bugreport, Tilman Sauerbeck, kernel-janitors,
Kgdb-bugreport
On 12/09/2010 05:28 AM, Dan Carpenter wrote:
> This is an off by one because strlen() doesn't count the null
> terminator. We strcpy() these strings into an array of size
> MAX_CONFIG_LEN.
>
I'll queue this patch for the 2.6.38 merge window since it is not
something you can exploit without root access, and the fact that the
vast majority of configurations do not include the kgdb test suite at
all.
Thanks,
Jason.
> Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> diff --git a/drivers/misc/kgdbts.c b/drivers/misc/kgdbts.c
> index 59c118c..27dc463 100644
> --- a/drivers/misc/kgdbts.c
> +++ b/drivers/misc/kgdbts.c
> @@ -988,7 +988,7 @@ static void kgdbts_run_tests(void)
>
> static int kgdbts_option_setup(char *opt)
> {
> - if (strlen(opt) > MAX_CONFIG_LEN) {
> + if (strlen(opt) >= MAX_CONFIG_LEN) {
> printk(KERN_ERR "kgdbts: config string too long\n");
> return -ENOSPC;
> }
> diff --git a/drivers/serial/kgdboc.c b/drivers/serial/kgdboc.c
> index 3374618..ec1748b 100644
> --- a/drivers/serial/kgdboc.c
> +++ b/drivers/serial/kgdboc.c
> @@ -130,7 +130,7 @@ static void kgdboc_unregister_kbd(void)
>
> static int kgdboc_option_setup(char *opt)
> {
> - if (strlen(opt) > MAX_CONFIG_LEN) {
> + if (strlen(opt) >= MAX_CONFIG_LEN) {
> printk(KERN_ERR "kgdboc: config string too long\n");
> return -ENOSPC;
> }
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-12-14 4:50 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-07-10 9:29 [patch] kgdb: strlen() doesn't count the terminator Dan Carpenter
2010-12-09 11:28 ` Dan Carpenter
2010-12-14 4:50 ` Jason Wessel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).