|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] xen/build-id: Fix xen_build_id_check() to be robust against malformed notes
On Mon, Dec 31, 2018 at 05:34:25PM +0000, Andrew Cooper wrote: > A NT_GNU_BUILD_ID with namesz longer than 4 will cause the strncmp() to use > bytes in adjacent stringtable entries. > > Instead, check for namesz exactly equal to 4, and use memcmp() with an > explicit size. > > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> This LGTM: Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Albeit I wonder the usefulness of some of the checks performed by this function. I'm not sure the point of the 'n->namesz + n->descsz < n->namesz' check, I assume this is an overflow check. And then 'n->namesz + n->descsz > n_sz - sizeof(*n)' should rather be 'n->namesz + n->descsz != n_sz - sizeof(*n)' I think. Thanks, Roger. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |