From: Jason Wessel <jason.wessel@windriver.com>
To: Dan Carpenter <error27@gmail.com>,
Jason Wessel <jason.wessel@windriver.com>,
Paul Mundt <lethal@linux-sh.org>,
Geert Uytterhoeven <geert@linux-m68k.org>,
linux-kernel@vger.kernel.org,
kgdb-bugreport@lists.sourceforge.net,
Tilman Sauerbeck <tilman@code-monkey.de>,
kernel-janitors@vger.kernel.org,
Kgdb-bugreport@lists.sourceforge.net
Subject: Re: [patch] kgdb: strlen() doesn't count the terminator
Date: Tue, 14 Dec 2010 04:50:32 +0000 [thread overview]
Message-ID: <4D06F798.9000006@windriver.com> (raw)
In-Reply-To: <20101209112821.GU10623@bicker>
On 12/09/2010 05:28 AM, Dan Carpenter wrote:
> This is an off by one because strlen() doesn't count the null
> terminator. We strcpy() these strings into an array of size
> MAX_CONFIG_LEN.
>
I'll queue this patch for the 2.6.38 merge window since it is not
something you can exploit without root access, and the fact that the
vast majority of configurations do not include the kgdb test suite at
all.
Thanks,
Jason.
> Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> diff --git a/drivers/misc/kgdbts.c b/drivers/misc/kgdbts.c
> index 59c118c..27dc463 100644
> --- a/drivers/misc/kgdbts.c
> +++ b/drivers/misc/kgdbts.c
> @@ -988,7 +988,7 @@ static void kgdbts_run_tests(void)
>
> static int kgdbts_option_setup(char *opt)
> {
> - if (strlen(opt) > MAX_CONFIG_LEN) {
> + if (strlen(opt) >= MAX_CONFIG_LEN) {
> printk(KERN_ERR "kgdbts: config string too long\n");
> return -ENOSPC;
> }
> diff --git a/drivers/serial/kgdboc.c b/drivers/serial/kgdboc.c
> index 3374618..ec1748b 100644
> --- a/drivers/serial/kgdboc.c
> +++ b/drivers/serial/kgdboc.c
> @@ -130,7 +130,7 @@ static void kgdboc_unregister_kbd(void)
>
> static int kgdboc_option_setup(char *opt)
> {
> - if (strlen(opt) > MAX_CONFIG_LEN) {
> + if (strlen(opt) >= MAX_CONFIG_LEN) {
> printk(KERN_ERR "kgdboc: config string too long\n");
> return -ENOSPC;
> }
prev parent reply other threads:[~2010-12-14 4:50 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-10 9:29 [patch] kgdb: strlen() doesn't count the terminator Dan Carpenter
2010-12-09 11:28 ` Dan Carpenter
2010-12-14 4:50 ` Jason Wessel [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D06F798.9000006@windriver.com \
--to=jason.wessel@windriver.com \
--cc=error27@gmail.com \
--cc=geert@linux-m68k.org \
--cc=kernel-janitors@vger.kernel.org \
--cc=kgdb-bugreport@lists.sourceforge.net \
--cc=lethal@linux-sh.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tilman@code-monkey.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).