On Sun, 17 Nov 2019 20:38:59 +0100, Alexander Bluhm wrote: > I think the best way to handle it, is to make the kernel strict and > fix userland. If the kernel would allow the sloppiest userland > program to succeed, creating security would be hard.
Sorry, I don't agree. We cannot expect userland to fill in a non-standard length field. The kernel ioctl handler should set sa_len appropriately instead. - todd
