
List:       busybox
Subject:    Re: udhcpc6 expects string for bootfile-param opt(60)
From:       Geoff Hanson <ghanson () arista ! com>
Date:       2022-02-23 16:14:24
Message-ID: CAHSaY_QLSu0Em_ZgcUX0HZgSQ1B4YrVX88zN3OrZSuByp2t8mA () mail ! gmail ! com


Just following up on this patch. Are there any more comments on this?

Thanks,
Geoff

On Tue, Feb 8, 2022 at 11:58 AM Geoff Hanson <ghanson@arista.com> wrote:

> Any further feedback on this?
>
> Anything more I need to do or is what I've provided sufficient for the bug
> report?
>
> Thanks,
> Geoff
>
> On Tue, Feb 1, 2022 at 12:53 PM Geoff Hanson <ghanson@arista.com> wrote:
>
>> Hi Bernd. Can you look at my second attachment? As part of addressing the
>> issue Xabier reported,
>> I switched to using memcpy.
>>
>> Thanks,
>> Geoff
>>
>> On Tue, Feb 1, 2022 at 12:36 PM Bernd Petrovitsch <
>> bernd@petrovitsch.priv.at> wrote:
>>
>>> -Hi all!
>>>
>>> On 01.02.2022 18:12, Geoff Hanson wrote:
>>> [...]
>>> > In most cases, there's no printf directive so this just means it's
>>> > copying the string.
>>>
>>> Using some user-provided string as a format-string opens the possibility
>>> of exploits - for decades ....
>>> > But this would cause problems in the case where the string did contain
>>> > %'s.
>>>
>>> So why just not only use strncpy(), strlcpy(), memcpy() or similar?
>>>
>>> Kind regards,
>>>         Bernd
>>>
>>
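
The pattern Bernd describes above, as an added example that is not part of this thread or of busybox: a hypothetical `copy_option_value()` that moves an attacker-controlled DHCPv6 option value (such as the option 60 boot-file parameter) into a buffer with a length check and `memcpy`, so that a `%` in the value is just a byte, next to the `sprintf()`-with-user-format shape that the thread warns against, kept as a comment only.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* Hypothetical bounded copy of a DHCPv6 option value into a
 * NUL-terminated C string (added example, not busybox code).
 * The source bytes come off the wire, so they are copied with memcpy
 * after a size check instead of being handed to sprintf() as the format.
 * Returns the number of bytes copied, or -1 if the value does not fit. */
int copy_option_value(char *dst, size_t dst_size,
                      const uint8_t *src, size_t src_len)
{
    if (dst_size == 0 || src_len > dst_size - 1)
        return -1;                 /* keep room for the terminator */
    memcpy(dst, src, src_len);     /* '%' is an ordinary byte here */
    dst[src_len] = '\0';
    return (int)src_len;
}

/* The shape this thread is about, shown only as a comment so it is
 * never compiled: the option text becomes the *format* argument, so
 * every '%' in it is parsed as a conversion directive.
 *     sprintf(dst, (const char *)src);
 * If formatting is really wanted, pass the value as an argument:
 *     snprintf(dst, dst_size, "%s", src_as_cstring);
 */

int main(void)
{
    /* Constructed sample value that happens to contain '%'. */
    const uint8_t opt[] = "pxe-50%-%s";
    char buf[32];
    int n = copy_option_value(buf, sizeof buf, opt, sizeof opt - 1);
    printf("copied %d bytes: \"%s\"\n", n, buf);
    return n < 0;
}
```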




_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox

