>>
>> +buf[len] = '\0';
>> +
>
> I think it would be more appropriate here to check if buf[len] == '\0' and
> return an error otherwise.
Nevermind, I just had a closer look and I actually think your approach
is fine. I hadn't considered the possibility of someone deliberately
passing a non-
Am 27. September 2017 03:13:34 MESZ schrieb miaoq...@codeaurora.org:
>From: Miaoqing Pan
>
>When the user sets count to zero the string buffer would remain
>completely uninitialized which causes the kernel to parse its
>own stack data, potentially leading to an info leak. In addition
>to that, the
From: Miaoqing Pan
When the user sets count to zero the string buffer would remain
completely uninitialized which causes the kernel to parse its
own stack data, potentially leading to an info leak. In addition
to that, the string might be not terminated properly when the
user data does not contai
