| To: | rmk+lkml@xxxxxxxxxxxxxxxx |
|---|---|
| Subject: | Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy |
| From: | YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx> |
| Date: | Fri, 28 Nov 2003 05:47:24 +0900 (JST) |
| Cc: | felipe_alfaro@xxxxxxxxxxxxx, davem@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, yoshfuji@xxxxxxxxxxxxxx |
| In-reply-to: | <20031127200041.B25015@flint.arm.linux.org.uk> |
| Organization: | USAGI Project |
| References: | <20031127194602.A25015@flint.arm.linux.org.uk> <20031128.045413.133305490.yoshfuji@linux-ipv6.org> <20031127200041.B25015@flint.arm.linux.org.uk> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
In article <20031127200041.B25015@xxxxxxxxxxxxxxxxxxxxxx> (at Thu, 27 Nov 2003
20:00:41 +0000), Russell King <rmk+lkml@xxxxxxxxxxxxxxxx> says:
> The thing that worries me is that an incorrect strlcpy() conversion
> gives the impression that someone has thought about buffer underruns
> as well as overruns, and, unless someone /has/ actually thought about
> it, there could well still be a security problem lurking there.
Hmm, what do you actually mean by "buffer underruns?"
(If I'm correct) do you suggest that we should zero-out rest of
destination buffer?
if so, we may want to have a function, say strlcpy0(), like this:
size_t strlcpy0(char *dst, const char *src, size_t maxlen)
{
size_t len = strlcpy(dst, src, maxlen);
if (maxlen && len < maxlen - 1)
memset(dst + len + 1, 0, maxlen - len - 1);
return len;
}
--yoshfuji
|
| Previous by Date: | Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy, Russell King |
|---|---|
| Next by Date: | Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy, Felipe Alfaro Solana |
| Previous by Thread: | Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy, Russell King |
| Next by Thread: | Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy, Felipe Alfaro Solana |
| Indexes: | [Date] [Thread] [Top] [All Lists] |