Yan Zheng
2007-Sep-20 07:46 UTC
[btrfs-devel][patch]use strnlen to deal with string from user space
Hello I think strlen is unsafe here Regards YZ diff -r 24c661119092 inode.c --- a/inode.c Mon Sep 17 11:25:58 2007 -0400 +++ b/inode.c Thu Sep 20 22:25:34 2007 +0800 @@ -1985,7 +1988,7 @@ static int btrfs_ioctl_snap_create(struc if (copy_from_user(&vol_args, arg, sizeof(vol_args))) return -EFAULT; - namelen = strlen(vol_args.name); + namelen = strnlen(vol_args.name, BTRFS_VOL_NAME_MAX + 1); if (namelen > BTRFS_VOL_NAME_MAX) return -EINVAL; if (strchr(vol_args.name, '/'))
Reasonably Related Threads
- [Patch] Btrfs: use BTRFS_VOL_NAME_MAX for struct btrfs_ioctl_vol_args
- [PATCH] Null terminate strings passed in from userspace
- [PATCH 001/001] btrfs: Mechanism to modify the permission of a subvolume
- [PATCH 0/5] asynchronous commit, snapshot ponies
- [PATCH]Add rollback support for the converter