On Thu, Oct 08, 2009 at 03:07:33AM +0400, Dmitry V. Levin wrote:
> Hi,
>
> On Wed, Oct 07, 2009 at 10:25:10PM +0200, Jakub Bogusz wrote:
> [...]
> > OK, updated patch attached.
>
> There are two issues remained which should be addressed.
>
> First, redundancy should be avoided.
> You patch introduces 4 very similar copies of sembuf parser.
>
> Second, user input should not be trusted at all.
> Please try your patch with the following example:
>
> $ cat semop.c
> #include <sys/sem.h>
> int main(void) {
> return semop(-1, (struct sembuf *) main, 0x1000000) < 0;
> }
>
> I pushed a fix on top of your patch to
> http://strace.git.sourceforge.net/git/gitweb.cgi?p=strace/strace;a=shortlog;h=ldv/sembuf
> Please test.
Seems to work properly, thanks.
--
Jakub Bogusz http://qboosh.pl/
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Strace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/strace-devel
