On Fri, Aug 16, 2019 at 02:59:37PM +0800, Chao Yu wrote:
> On 2019/8/16 13:55, Eric Biggers wrote:
> > From: Eric Biggers <ebigg...@google.com>
> >
> > Userspace provides a null-terminated string, so don't assume that the
> > full FSLABEL_MAX bytes can always be copied.>
> > Fixes: 61a3da4d5ef8 ("f2fs: support FS_IOC_{GET,SET}FSLABEL")
>
> It may only copy redundant zero bytes, and will not hit security issue, it
> doesn't look like a bug fix?
>
> > Signed-off-by: Eric Biggers <ebigg...@google.com>
>
> Anyway, it makes sense to me.
>
> Reviewed-by: Chao Yu <yuch...@huawei.com>
>
It's not clear that userspace is guaranteed to provide a full FSLABEL_MAX bytes
in the buffer. E.g. it could provide "foo\0" followed by an unmapped page.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
