Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Li

libcdio-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Li

From:	Burkhard Plaum
Subject:	Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux
Date:	Tue, 28 Nov 2006 11:04:44 +0100
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.7.12-1.3.1

Hi,

R. Bernstein wrote:

I guess nothing based on /sys just yet.


No. It can be added later, but for older kernels (without /sys),
we need a fallback anyway. And since the current method should work
for *all* linuxes, I don't know if it's worth the effort to implement
something more advanced.

Sorry for the late comment. I notice in cdio_follow_symlink() of
lib/driver/util.c some strcpy's used. Isn't good security practice to
use strncpy instead? Especially when one has the max length around
(PATH_MAX, and/or len)?


The question is: Can we trust PATH_MAX? The destination arrays are
always PATH_MAX large, so an overflow occurs only if the src is larger than
PATH_MAX. But can this happen? If yes, than we should change strcpy to
strncpy, that's right. And then: Does PATH_MAX include the trailing '\0'?
If not, we should make the arrays one byte longer.

Burkhard

[Prev in Thread]

Current Thread

[Next in Thread]

[Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, plaum, 2006/11/20
- [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, R. Bernstein, 2006/11/20
  - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, plaum, 2006/11/20
- [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, R. Bernstein, 2006/11/20
  - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, plaum, 2006/11/21
    - Message not available
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, plaum, 2006/11/27
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, R. Bernstein, 2006/11/28
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, Burkhard Plaum <=
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, R. Bernstein, 2006/11/28
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, Burkhard Plaum, 2006/11/28
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, R. Bernstein, 2006/11/28
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, Burkhard Plaum, 2006/11/28
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, Burkhard Plaum, 2006/11/28
    - Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux, R. Bernstein, 2006/11/28

Prev by Date: Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux
Next by Date: Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux
Previous by thread: Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux
Next by thread: Re: [Libcdio-devel] [Patch] More bullet-proof drive detection for GNU/Linux
Index(es):
- Date
- Thread