On Fri, Aug 21, 2009 at 01:30:14PM +0200, Vladimir 'phcoder' Serbinenko wrote:
> >
> >> +grub_err_t
> >> +grub_auth_check_authentication (const char *userlist)
> >> +{
> >> + char login[1024] = {0};
> >
> > Please avoid arbitrary limits. If the grub_cmdline_get() API is enforcing
> > them, then this function is wrong and should be using malloc() instead
> > (like,
> > say, getline() or asprintf() do).
> >
>
> If user has a username longer than 1K it can mean only that he is
> trying to execute buffer overflow.
Maybe. Or maybe it's just 8 bytes and we're claiming 1K of stack
unnecessarily.
In any case, GCS mandates that we avoid arbitrary length limits:
http://www.gnu.org/prep/standards/standards.html#Semantics
--
Robert Millan
The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel
