[U-Boot] A minor question on a Driver Model function

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Igor Grinberg <grinberg@compulab.co.il>
To: u-boot@lists.denx.de
Subject: [U-Boot] A minor question on a Driver Model function
Date: Wed, 17 Sep 2014 16:41:26 +0300	[thread overview]
Message-ID: <54198F86.3080802@compulab.co.il> (raw)
In-Reply-To: <20140917171856.3BCB.AA925319@jp.panasonic.com>

On 09/17/14 11:18, Masahiro Yamada wrote:
> Hi Igor,
> 
> 
> 
> On Mon, 15 Sep 2014 11:04:20 +0300
> Igor Grinberg <grinberg@compulab.co.il> wrote:
> 
>> Hi,
>>
>> On 09/14/14 21:28, Simon Glass wrote:
>>> Hi Masahiro,
>>>
>>> On 12 September 2014 05:25, Masahiro Yamada <yamada.m@jp.panasonic.com> wrote:
>>>> Hi Simon,
>>>>
>>>>
>>>> I have a qustion about lists_driver_lookup_name() function.
>>>>
>>>>
>>>>
>>>>         for (entry = drv; entry != drv + n_ents; entry++) {
>>>>                 if (strncmp(name, entry->name, len))
>>>>                         continue;
>>>>
>>>>                 /* Full match */
>>>>                 if (len == strlen(entry->name))
>>>>                         return entry;
>>>>         }
>>>>
>>>>
>>>>
>>>>
>>>> Why is this not like follows?
>>>>
>>>>
>>>>
>>>>
>>>>         for (entry = drv; entry != drv + n_ents; entry++) {
>>>>                 if (!strcmp(name, entry->name))
>>>>                         return entry;
>>>>         }
>>
>> I would suggest still using strncmp as it is safer,
>> but count also the '\0', so something like:
> 
> Why safer?
> 
> Could you give me more detailed explanation?

Well, I'm not an expert in s/w security, but I'll try to explain...

strcmp() walks the strings and never stops until it reaches '\0'
in either of strings.
In theory (or by mistake), you can supply strings that are not '\0'
terminated and strcmp() will continue running on addresses where
it is not supposed to.
This can lead to exceptions, crashes, etc..

Since this is a library code, I would expect it to be immune to
that kind of problem.

But, again, I'm not an expert in this area, so its only a suggestion.

-- 
Regards,
Igor.

next prev parent reply	other threads:[~2014-09-17 13:41 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-09-12 11:25 [U-Boot] A minor question on a Driver Model function Masahiro Yamada
2014-09-14 18:28 ` Simon Glass
2014-09-15  8:04   ` Igor Grinberg
2014-09-17  8:18     ` Masahiro Yamada
2014-09-17 13:41       ` Igor Grinberg [this message]
2014-09-17 15:25         ` Bill Pringlemeir
2014-09-18 12:38           ` Igor Grinberg
2014-09-18 15:46             ` Bill Pringlemeir
2014-09-19  6:34               ` Igor Grinberg
2014-09-19  6:54                 ` Masahiro Yamada
2014-09-19 13:41                   ` Igor Grinberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54198F86.3080802@compulab.co.il \
    --to=grinberg@compulab.co.il \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox