On Mon, 2014-06-30 at 16:14 +0300, Dmitry Kasatkin wrote: > On 27/06/14 16:38, David Howells wrote: > > Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > > > >> + if (strncmp(id, "id:", 3) == 0) > > >> Use memcmp() here. > > 'id' function parameter comes from "keys_ownerid" kernel parameter. > User can supply anything shorter than "id:". > Though comparing 3 bytes should not produce any memory access errors, > memcmp can access beyond the length of the string. > I think 'strcnmp' is more appropriate here... > > > >> - kid += kidlen - idlen; > >> - if (strcasecmp(id, kid) != 0) > >> - return 0; > > This test is no longer applied in the "<subtype>:..." case. > > I did not get fully what you comment here or ask to do.. > But yes, with this patch, it is no longer the case. Other than this comment, all of the other comments have been addressed. The updated patches are available from linux-integrity/next-trusted-keys. thanks, Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/