You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It looks like strncpy_from_user() is a confusingly named string copier for crossing kernel/user memory boundary, but it's named badly because it does not NUL-pad the destination, but it does NOT guarantee NUL-termination. Grrrr.
The text was updated successfully, but these errors were encountered:
This runs parallel to #90 in that we want to remove this
strncpycall in favor of a less ambiguous and more robust api likestrscpyorstrtomem.There is a pathological class of
strncpy_from_user()functions which you can see here:https://elixir.bootlin.com/linux/v6.3/source/arch/um/kernel/skas/uaccess.c#L168
Kees had some insights:
The text was updated successfully, but these errors were encountered: