Robert Hancock wrote:
Randy.Dunlap wrote:
The latter one does (before the listed code):
memset(line, 0, LINE_SIZE);
if (len > LINE_SIZE)
len = LINE_SIZE;
if (copy_from_user(line, buf, len - 1))
return -EFAULT;
so isn't line[LINE_SIZE - 1] always 0 ?
In that case, yes (I hadn't looked at the surrounding code). Rather an
odd way of doing it, but shouldn't have that problem. Could still be
subject to problems if buf contains a null at the first character,
unless they're somehow preventing that too..
Yes, that's still a problem.
--
~Randy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
