Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S270154AbTGMHu7 (ORCPT ); Sun, 13 Jul 2003 03:50:59 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S270155AbTGMHu6 (ORCPT ); Sun, 13 Jul 2003 03:50:58 -0400 Received: from pc2-cwma1-4-cust86.swan.cable.ntl.com ([213.105.254.86]:28347 "EHLO lxorguk.ukuu.org.uk") by vger.kernel.org with ESMTP id S270154AbTGMHuy (ORCPT ); Sun, 13 Jul 2003 03:50:54 -0400 Subject: Re: SECURITY - data leakage due to incorrect strncpy implementation From: Alan Cox To: Horst von Brand Cc: Linux Kernel Mailing List , torvalds@osdl.org In-Reply-To: <200307122128.h6CLSGf1006376@eeyore.valparaiso.cl> References: <200307122128.h6CLSGf1006376@eeyore.valparaiso.cl> Content-Type: text/plain Content-Transfer-Encoding: 7bit Organization: Message-Id: <1058083373.31918.11.camel@dhcp22.swansea.linux.org.uk> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.2 (1.2.2-5) Date: 13 Jul 2003 09:02:53 +0100 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 531 Lines: 12 On Sad, 2003-07-12 at 22:28, Horst von Brand wrote: > Perhaps there should be a strncpy_touser() to make it crystal clear that it > _can't_ be "optimized" into strlcpy() The direct to_user functions are not normally a problem. The data they fail to clear is the users own data anyway. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/