On 2017/05/04 12:45PM, David Laight wrote:
> From: Naveen N. Rao [mailto:naveen.n@linux.vnet.ibm.com]
> > Sent: 04 May 2017 11:25
> > Use safer string manipulation functions when dealing with a
> > user-provided string in kprobe_lookup_name().
> >
> > Reported-by: David Laight
From: Paul Clarke
> Sent: 04 May 2017 16:07
...
> > + if ((c = strnchr(name, MODULE_NAME_LEN, ':')) != NULL) {
>
> Shouldn't this be MODULE_NAME_LEN + 1, since the ':' can come after a module
> name of length
> MODULE_NAME_LEN?
No, because MODULE_NAME_LEN includes the terminating '\0'.
On 05/04/2017 05:24 AM, Naveen N. Rao wrote:
> Use safer string manipulation functions when dealing with a
> user-provided string in kprobe_lookup_name().
>
> Reported-by: David Laight
> Signed-off-by: Naveen N. Rao
> ---
> Changed to
From: Naveen N. Rao [mailto:naveen.n@linux.vnet.ibm.com]
> Sent: 04 May 2017 11:25
> Use safer string manipulation functions when dealing with a
> user-provided string in kprobe_lookup_name().
>
> Reported-by: David Laight
> Signed-off-by: Naveen N. Rao