Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp3947382rwl; Tue, 27 Dec 2022 18:43:45 -0800 (PST) X-Google-Smtp-Source: AMrXdXszXcLp+hqfe/WQg24jg86sfVQGgptvzfuUHLOoc9Rmp/NCXaRWFHg5z2R1XrPguKMkQUuT X-Received: by 2002:a17:907:d407:b0:7ad:f962:dba1 with SMTP id vi7-20020a170907d40700b007adf962dba1mr22738949ejc.53.1672195425349; Tue, 27 Dec 2022 18:43:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672195425; cv=none; d=google.com; s=arc-20160816; b=mpVzfNdsi29kFZgMD/zDqmKF7CbT0Ntg5U880rVrUmQ+laNntdt1j1P07tziQD/qxo tZFuf8cjhRzcqHtA89tjSt3kF0ek5ztT/PDm0vqAp/PtTjadxoY7VkgWSu7QxnwUMOaZ XHZQtXbLKJfgUfxWYp2a84CMrmPS9iA5Rc7jX6tXpc9324Bdjr0h82FROBpo4OuIPPDF U60LJ83gCQiRXnpY9XHYLobL03CLwEFDKiJAZN87e+Qxrfl7v84cuRaI0/sMGwWy3PSu jCAazArWF1EY5jl6hsYU9Vn5Yb3UUh0WYcNVoUwjC6jAvqY2K78D57zbFfCuc5ETBh1i 0CUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:subject:cc:to:from:mime-version:references :in-reply-to:message-id:date; bh=ZX/gx5ad7K/Uu4a/hot9kMxXr5DpRRjM5SWw9pmbh/0=; b=WWkOLN0XUfCMYPl+MqLW0vOVSxvokZ925lxw/Z0TqLenYOVR7xB4B1x8ByO1YVdRqY sFy/qWW3Ptfa0UJ+dwHbkrPfFUT0mMl6sw2Pb1Qu0H9uFCcblauKPbBLeKnstY9XHHQN xi4STLfXN/w5Ac60yY9EwogtzUJRXjNBoeAU/s6QT+EN/DhzaxXnNUPtuyZl07KJK7TF zXDdWGkJd94kwcP7blnlpE9EYwTqXK4oPuPB73O+Jsxt8RFdFzfWAyGA/mC2DO5hSmwL T1RZ03IVe82QUy/+6PObv4ujvHWhRGsO92xgw3zBoesiqZoAUCzjmve7N0XsNmPxYIxW Qp1Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zte.com.cn Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id go11-20020a1709070d8b00b0081a9c3ca4bcsi13424720ejc.379.2022.12.27.18.43.27; Tue, 27 Dec 2022 18:43:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zte.com.cn Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229745AbiL1BZz (ORCPT + 65 others); Tue, 27 Dec 2022 20:25:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58154 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229475AbiL1BZw (ORCPT ); Tue, 27 Dec 2022 20:25:52 -0500 Received: from mxhk.zte.com.cn (mxhk.zte.com.cn [63.216.63.40]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 77519DF14; Tue, 27 Dec 2022 17:25:50 -0800 (PST) Received: from mse-fl1.zte.com.cn (unknown [10.5.228.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mxhk.zte.com.cn (FangMail) with ESMTPS id 4NhYkN0xZSz8R039; Wed, 28 Dec 2022 09:25:48 +0800 (CST) Received: from szxlzmapp01.zte.com.cn ([10.5.231.85]) by mse-fl1.zte.com.cn with SMTP id 2BS1PiuS035967; Wed, 28 Dec 2022 09:25:44 +0800 (+08) (envelope-from yang.yang29@zte.com.cn) Received: from mapi (szxlzmapp01[null]) by mapi (Zmail) with MAPI id mid14; Wed, 28 Dec 2022 09:25:45 +0800 (CST) Date: Wed, 28 Dec 2022 09:25:45 +0800 (CST) X-Zmail-TransId: 2b0363ab9b194061ad10 X-Mailer: Zmail v1.0 Message-ID: <202212280925459299284@zte.com.cn> In-Reply-To: References: 202212231040562072342@zte.com.cn,0fb8a86a-ca92-8d5f-99da-6815b2d5ec3e@gmx.de,eaad272203baa65ad65ac2206e5197595c88508e.camel@HansenPartnership.com,279ea596-6a20-0bb8-39c3-67b45d7425a6@gmx.de,ca6e40fff619aa16cb178382f5404d047ed08f3c.camel@HansenPartnership.com Mime-Version: 1.0 From: To: Cc: , , , Subject: =?UTF-8?B?UmU6IFtQQVRDSCBsaW51eC1uZXh0XSBwYXJpc2M6IHVzZSBzdHJzY3B5KCkgdG8gaW5zdGVhZCBvZiBzdHJuY3B5KCk=?= Content-Type: text/plain; charset="UTF-8" X-MAIL: mse-fl1.zte.com.cn 2BS1PiuS035967 X-Fangmail-Gw-Spam-Type: 0 X-FangMail-Miltered: at cgslv5.04-192.168.250.137.novalocal with ID 63AB9B1C.000 by FangMail milter! X-FangMail-Envelope: 1672190748/4NhYkN0xZSz8R039/63AB9B1C.000/10.5.228.132/[10.5.228.132]/mse-fl1.zte.com.cn/ X-Fangmail-Anti-Spam-Filtered: true X-Fangmail-MID-QID: 63AB9B1C.000/4NhYkN0xZSz8R039 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H2, SPF_HELO_NONE,SPF_PASS,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > the array buf[] is actually buf[count], so if count < 64 then > sizeof(buf) < sizeof(in) and you're copying whatever is after buf on > the stack or wherever it comes from. The amount you copy into in[] > truly has to be the smaller of count and sizeof(in). These are file > operations, so you shouldn't rely on buf[] being null terminated > (kernfs ensures it is, but it's a dangerous thing to rely on in the > face of someone trying to exploit a stack smashing attack). Should we send patchv3 which is back to v1, or we directly use patchv1 to continue the reviewing? Thanks!