package kernel-source-2.4.27 reopen 280492 thanks > Both 2.4 and 2.6 upstream do not NULL terminate dest > if count is exceeded. This is documented in the kernel > and appears to be quite intentional. I am closing this > accordingly.
I think you missed the point here. The problem is that if the copied string is shorter than the destination buffer, part of the old contents of the destination remains unchanged and might be leaked to userspace. This behaviour IS fixed in 2.6, so upstream thinks it IS a (small) problem [1]. BTW, I found a patch for ppc64 and s390 [2]. [1] http://marc.theaimsgroup.com/?l=linux-kernel&m=105796021120436&w=2 [2] http://www.ultramonkey.org/bugs/patch/linux-2.4.21-strncpy-zero-pad.patch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
