[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Console user mount patch and FC3

From: Hans de Goede <j w r degoede hhs nl>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Subject: Re: Console user mount patch and FC3
Date: Thu, 30 Sep 2004 18:35:41 +0200

Alan Cox wrote:

On Thu, Sep 30, 2004 at 11:59:37AM -0400, John (J5) Palmieri wrote:
This is in reference to RH bug#133941.  It is suggested I take this
discussion to fedora-devel.  What is keeping this patch out of FC3?  I
Had a quick look. It contains an obvious missing null pointer check. Would also need security review against pam_console and an explanation of why it relies on pam_console innards (paths etc)

Also snprintf doesn't need to be passed bufsize - 1, but just bufsize, from info libc:

The `snprintf' function is similar to `sprintf', except that the
SIZE argument specifies the maximum number of characters to
produce.  The trailing null character is counted towards this
limit, so you should allocate at least SIZE characters for the
string S.

The morale: this looks a really quick hack for a suid binary like mount!

Regards,

Hans

References:
- Console user mount patch and FC3
  - From: John (J5) Palmieri
- Re: Console user mount patch and FC3
  - From: Alan Cox

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]