From mboxrd@z Thu Jan 1 00:00:00 1970 From: Igor Grinberg Date: Wed, 17 Sep 2014 16:41:26 +0300 Subject: [U-Boot] A minor question on a Driver Model function In-Reply-To: <20140917171856.3BCB.AA925319@jp.panasonic.com> References: <54169D84.9030400@compulab.co.il> <20140917171856.3BCB.AA925319@jp.panasonic.com> Message-ID: <54198F86.3080802@compulab.co.il> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On 09/17/14 11:18, Masahiro Yamada wrote: > Hi Igor, > > > > On Mon, 15 Sep 2014 11:04:20 +0300 > Igor Grinberg wrote: > >> Hi, >> >> On 09/14/14 21:28, Simon Glass wrote: >>> Hi Masahiro, >>> >>> On 12 September 2014 05:25, Masahiro Yamada wrote: >>>> Hi Simon, >>>> >>>> >>>> I have a qustion about lists_driver_lookup_name() function. >>>> >>>> >>>> >>>> for (entry = drv; entry != drv + n_ents; entry++) { >>>> if (strncmp(name, entry->name, len)) >>>> continue; >>>> >>>> /* Full match */ >>>> if (len == strlen(entry->name)) >>>> return entry; >>>> } >>>> >>>> >>>> >>>> >>>> Why is this not like follows? >>>> >>>> >>>> >>>> >>>> for (entry = drv; entry != drv + n_ents; entry++) { >>>> if (!strcmp(name, entry->name)) >>>> return entry; >>>> } >> >> I would suggest still using strncmp as it is safer, >> but count also the '\0', so something like: > > Why safer? > > Could you give me more detailed explanation? Well, I'm not an expert in s/w security, but I'll try to explain... strcmp() walks the strings and never stops until it reaches '\0' in either of strings. In theory (or by mistake), you can supply strings that are not '\0' terminated and strcmp() will continue running on addresses where it is not supposed to. This can lead to exceptions, crashes, etc.. Since this is a library code, I would expect it to be immune to that kind of problem. But, again, I'm not an expert in this area, so its only a suggestion. -- Regards, Igor.