Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757643AbZKERs2 (ORCPT ); Thu, 5 Nov 2009 12:48:28 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1756598AbZKERs1 (ORCPT ); Thu, 5 Nov 2009 12:48:27 -0500 Received: from smtp1.linux-foundation.org ([140.211.169.13]:41400 "EHLO smtp1.linux-foundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755299AbZKERs1 (ORCPT ); Thu, 5 Nov 2009 12:48:27 -0500 Date: Thu, 5 Nov 2009 09:47:22 -0800 (PST) From: Linus Torvalds X-X-Sender: torvalds@localhost.localdomain To: Jiri Kosina cc: Michael Gilbert , Michael Buesch , Jack Steiner , linux-kernel@vger.kernel.org, stable@kernel.org Subject: Re: CVE-2009-2584 In-Reply-To: Message-ID: References: <20091104170542.e40b12ec.michael.s.gilbert@gmail.com> User-Agent: Alpine 2.01 (LFD 1184 2008-12-16) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 758 Lines: 23 On Thu, 5 Nov 2009, Linus Torvalds wrote: > { > - unsigned long val; > - char buf[80]; > + char buf[16]; On third thought, this was too aggressive. Using "0x%16ul" as a format on 64-bit machines is reasonable, so 19 bytes of buffer is not insane (with the terminating NUL). Of course, it never used to accept hex numbers, so it's not like it would have worked before, but the point is that I cut down the buffer unnecessarily strictly. Can anybody see anything else wrong in that suggested fix? Linus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/