On Fri, Oct 23, 2020 at 08:29:20AM -0700, Jakub Kicinski wrote: > On Fri, 23 Oct 2020 08:07:44 +0000 David Laight wrote: > > FWIW I suspect the 'return -ERR on overflow' is going to bite us. > > Code that does p += strsxxx(p, ..., lim - p, ...) assuming (or not > > caring) about overflow goes badly wrong. > > I don't really care either way, but in netlink there's usually an > attribute per value, nothing combines strings like p += strx..(). > Looking at the conversion in patch 2 the callers just want to > check for overflow.
Right -- this is a very narrow use-case (NLA). I think this series is fine as-is. -- Kees Cook
