On Tue, 6 Nov 2001 dank@trellisinc.com wrote:
>"code poet?" you've plucked an 80 from the air. regardless of what the
>kernel prints now and how it's limited (deep within drivers/block/genhd.c),
>there is no reference to this silent 63 via either explicit comment or
>pure code. your code remains happily ignorant of any modification to this
>postcondition, and when that changes (as it surely will), you lose. it's
>uninspired coding like the above that keeps the buffer overflow
>technique alive.
Exactly. Just because the code _currently_ won't generate more than 63
chars doesn't mean it always will. And who says the application will see
the true, kernel generated "/proc/partitions"? <raises eyebrow>
>c string processing is all of doable, mature, and meticulous. "done
>properly by beginners" is not how i would describe it.
Experience shows beginners rarely get thing right the first time out. (Or
the second or third time if they are like some of my previous students.)
--Ricky
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Nov 07 2001 - 21:00:33 EST