[OpenWrt-Devel] [PATCH 2/3] Replace use of blobmsg_check_attr by blobmsg_check_attr_safe
yszhou4tech at gmail.com
Fri Nov 23 01:13:46 EST 2018
On Fri, 23 Nov 2018 at 13:51, Tobias Schramm <tobleminer at gmail.com> wrote:
> While I do agree that we could safely call blobmsg_check_attr I think
> that - to the uninitiated reader - calling blobmsg_check_attr_safe
> shows a lot more clearly that the methods in question are actually
> safe to use with potentially broken /untrusted input. Otherwise you
> would have to look at the implementation of __blob_for_each_attr and
> understand it first. Also I don't see any downsides to calling
> blobmsg_check_attr_safe over blobmsg_check_attr.
That depends. _safe is still a vague word. We can argue that
cautious users will dig into the implementation details to find out
what's the added ingredients to make it a safer variant and in which
ways. Or _safe is such a nice word that we should rename all func
names to have them certified and never should we use the "insecure"
p.s. please do not top post.
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel