[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: SECURITY - data leakage due to incorrect strncpy implementation
From:       Alan Cox <alan () lxorguk ! ukuu ! org ! uk>
Date:       2003-07-11 22:50:15
[Download RAW message or body]

On Gwe, 2003-07-11 at 23:44, Linus Torvalds wrote:
> On 11 Jul 2003, Alan Cox wrote:
> > 
> > Lots of kernel drivers rely on the libc definition of strncpy. 
> 
> But that's ok. We _do_ do the padding. I hated it when I wrote it, but as 
> far as I know, the kernel strncpy() has done padding pretty much since day 
> one.

/**
 * strncpy - Copy a length-limited, %NUL-terminated string
 * @dest: Where to copy the string to
 * @src: Where to copy the string from
 * @count: The maximum number of bytes to copy
 *
 * Note that unlike userspace strncpy, this does not %NUL-pad the buffer.
 * However, the result is not %NUL-terminated if the source exceeds
 * @count bytes.
 */

Only x86 does the padding 

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic