On Tue, May 24, 2011 at 02:43:51PM -0400, Eric B Munson wrote:
> String comparison in hugetlb_setup_env is done in an inconsistent way. This
> could be a problem as using str[case]cmp instead of strncasecmp implies a level
> of trust in the data being handed in by the user. This patch alters all the
> calls to string comparison functions to be strncasecmp as they are elsewhere in
> the library.

Hrm, in this case not much trust, actually. All we require is that we
will reach a NULL before overrunning the end of the environment, which I
believe is guaranteed by kernel environment handling before entry (and
I believe getenv() will already rely on it).

strcasecmp() will also terminate when it hits the end of either string
- and the second argument is certainly bounded. So a ludicrously
large environment can't even chew up processing time in the
strcasecmp().

Although, as a rule, length limited comparisons are a good idea, I
don't think it's necessary in this case. Moreover, switching to
strncasecmp() in this fairly naive way changes the meaning of the
code. Whereas previously it checked that the environment variable was
equal to "yes" or whatever, after this patch it would merely check
that the variable starts with "yes", so "yesterday" would match for
example.

--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
_______________________________________________
Libhugetlbfs-devel mailing list
https://lists.sourceforge.net/lists/listinfo/libhugetlbfs-devel
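
The behaviour change described in the reply above, as an added example that is not code from the patch or from libhugetlbfs: whole-string comparison, the strlen-bounded strncasecmp() that turns it into a prefix test, and a bounded call that stays exact. The helper names and sample values are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp(), strncasecmp() (POSIX) */

/* Whole-string, case-insensitive equality (the pre-patch meaning). */
static int match_exact(const char *value, const char *word)
{
    return strcasecmp(value, word) == 0;
}

/* Naive conversion: bounding by strlen(word) turns equality into a
 * prefix test, so "yesterday" is accepted as "yes". */
static int match_prefix(const char *value, const char *word)
{
    return strncasecmp(value, word, strlen(word)) == 0;
}

/* Length-limited and still exact: including word's terminator in the
 * bound makes any trailing characters in value compare unequal. */
static int match_bounded(const char *value, const char *word)
{
    return strncasecmp(value, word, strlen(word) + 1) == 0;
}

int main(void)
{
    /* Constructed sample values for an environment variable. */
    const char *samples[] = { "yes", "YES", "yesterday", "ye", "" };
    size_t i;

    printf("%-12s %5s %6s %7s\n", "value", "exact", "prefix", "bounded");
    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-12s %5d %6d %7d\n", samples[i],
               match_exact(samples[i], "yes"),
               match_prefix(samples[i], "yes"),
               match_bounded(samples[i], "yes"));
    return 0;
}
```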