[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/8] kern: fix printing of kmem_cache names
|
From: |
Justus Winter |
|
Subject: |
Re: [PATCH 1/8] kern: fix printing of kmem_cache names |
|
Date: |
Sun, 02 Feb 2014 13:46:54 +0100 |
|
User-agent: |
alot/0.3.4 |
Quoting Samuel Thibault (2014-02-02 00:11:59)
> Justus Winter, le Sat 01 Feb 2014 16:34:20 +0100, a écrit :
> > Quoting Samuel Thibault (2014-02-01 15:20:55)
> > > Justus Winter, le Sat 01 Feb 2014 15:09:21 +0100, a écrit :
> > > > The name field is not necessarily zero-terminated. Use a precision
> > > > argument to limit the number of characters written when printing the
> > > > name.
> > >
> > > Mmm, I'd probably rather see the name field always be zero-terminated,
> > > since that's just one place, vs the various places which would want to
> > > print it.
Oh, I was wrong about that. kmem_cache_init takes care of
zero-terminating the name.
> > I thought about doing that. But that would waste one character just
> > for the termination.
>
> That's little compared to security :)
But most of the security implications are the result of relying only
on the sentinel to terminate the string. Explicitly stating the size
of the buffer should improve security.
> > GNU Machs printf implementation supports strings with the precision
> > given as argument:
> >
> > printf ("%.*s", sizeof foo->name, foo->name);
> >
> > I think thats clean, concise and easy to use.
>
> But people would tend to forget doing it. We can't really fight that.
Sure we can, we can remove all string handling functionality that does
not require an explicit buffer size.
But I have amended my patch series, may I merge it then?
Justus
- Re: [PATCH 6/8] kern: implement task_set_name, (continued)
[PATCH 8/8] doc: document task_set_name, Justus Winter, 2014/02/01
Re: [PATCH 1/8] kern: fix printing of kmem_cache names, Samuel Thibault, 2014/02/01