On Tue, 9 Jan 2018 17:55:47 +0800 [email protected] wrote: > From: Changbin Du <[email protected]> > > The parser parse every string into parser.buffer. And some of the callers > assume that parser.buffer contains a C string. So it is dangerous that the > parser returns a unterminated string. The userspace can leverage this to > attack the kernel.
Is this only a bug if we apply your first patch? -- Steve
