Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy

From: YOSHIFUJI Hideaki / 吉藤英明
Date: Thu Nov 27 2003 - 15:48:51 EST

Next message: Mikulas Patocka: "Re: BUG (non-kernel), can hurt developers."
Previous message: Misha Nasledov: "Re: APM Suspend Problem"
In reply to: Russell King: "Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy"
Next in thread: Murray J. Root: "Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <20031127200041.B25015@xxxxxxxxxxxxxxxxxxxxxx> (at Thu, 27 Nov 2003 20:00:41 +0000), Russell King <rmk+lkml@xxxxxxxxxxxxxxxx> says:

> The thing that worries me is that an incorrect strlcpy() conversion
> gives the impression that someone has thought about buffer underruns
> as well as overruns, and, unless someone /has/ actually thought about
> it, there could well still be a security problem lurking there.

Hmm, what do you actually mean by "buffer underruns?"

(If I'm correct) do you suggest that we should zero-out rest of
destination buffer?

if so, we may want to have a function, say strlcpy0(), like this:

size_t strlcpy0(char *dst, const char *src, size_t maxlen)
{
size_t len = strlcpy(dst, src, maxlen);
if (maxlen && len < maxlen - 1)
memset(dst + len + 1, 0, maxlen - len - 1);
return len;
}

--yoshfuji
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mikulas Patocka: "Re: BUG (non-kernel), can hurt developers."
Previous message: Misha Nasledov: "Re: APM Suspend Problem"
In reply to: Russell King: "Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy"
Next in thread: Murray J. Root: "Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]