On Tue, 2005-05-24 at 22:16 +0100, David Woodhouse wrote:
On Tue, 2005-05-24 at 16:11 -0500, Klaus Weidner wrote:
> > I wouldn't claim to be 100% convinced that it's always nul-terminated,
> > but we were relying on that already so OK.
>
> Good thing we're not trying to get certified at EAL7, this doesn't quite
> meet "formally verified design" requirements ;-)
Heh, yeah. I do remember going through the code at one point for some
reason and trying to convince myself it was always NUL-terminated. I
_think_ it is, but I don't 100% recall my conclusion, or even why I was
checking. Once upon a time it certainly wasn't, but now I think it is.
I wouldn't have introduced such an assumption without going through and
checking for myself, but since we were already making that assumption
I'm prepared to trust it for now.
The other option would be to change audit_log_untrustedstring() to take a
length parameter or provide a variant interface that takes one, and use
that to explicitly pass the length.
--
Stephen Smalley
National Security Agency
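The two interfaces contrasted at the end of the message, as an added userland model that is not the kernel's audit_log_untrustedstring() and not code from anyone in this thread. The function names, the escaping rule (double-quote plain printable ASCII, hex-encode anything else) and the sample inputs are assumptions made for the illustration; the point it shows is that a length-taking variant never reads past what the caller vouches for and renders an embedded NUL instead of silently truncating, whereas the NUL-terminated wrapper is only as safe as the caller's guarantee.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical userland model of the two interfaces discussed in the
 * thread; the names and escaping rule are assumptions, not the kernel's. */

/* A byte forces hex encoding if it is a control byte, non-ASCII, or the
 * quote character that delimits a plain value. */
static int needs_hex(unsigned char c)
{
    return c < 0x21 || c > 0x7e || c == '"';
}

/* Render buf[0..len) into out (capacity outsz): as "..." when every byte is
 * plain printable ASCII, otherwise as upper-case hex of the whole buffer.
 * The scan is bounded by len, so the caller states how much memory is
 * readable and an embedded NUL is encoded rather than ending the value.
 * Returns the number of bytes written (excluding the trailing NUL), or -1
 * if out is too small. */
int log_untrusted_n(const unsigned char *buf, size_t len, char *out, size_t outsz)
{
    size_t i, need, pos = 0;
    int hex = 0;

    for (i = 0; i < len; i++) {
        if (needs_hex(buf[i])) {
            hex = 1;
            break;
        }
    }

    need = hex ? 2 * len : len + 2;
    if (need + 1 > outsz)
        return -1;

    if (hex) {
        for (i = 0; i < len; i++)
            pos += (size_t)snprintf(out + pos, outsz - pos, "%02X", buf[i]);
    } else {
        out[pos++] = '"';
        memcpy(out + pos, buf, len);
        pos += len;
        out[pos++] = '"';
    }
    out[pos] = '\0';
    return (int)pos;
}

/* The NUL-terminated variant is the bounded one with strlen() supplying the
 * length: correct only when the caller really guarantees the terminator,
 * and it stops at the first NUL even if the value continues past it. */
int log_untrusted(const char *s, char *out, size_t outsz)
{
    return log_untrusted_n((const unsigned char *)s, strlen(s), out, outsz);
}

int main(void)
{
    /* Constructed inputs: an 8-byte window with no terminator inside it,
     * and a value with an embedded NUL. */
    const unsigned char no_nul[8] = "abcdefgh";
    const unsigned char embedded[] = "ab\0cd";
    char out[64];

    log_untrusted_n(no_nul, sizeof no_nul, out, sizeof out);
    printf("%s\n", out);                 /* "abcdefgh" */
    log_untrusted_n(embedded, 5, out, sizeof out);
    printf("%s\n", out);                 /* 6162006364 */
    log_untrusted((const char *)embedded, out, sizeof out);
    printf("%s\n", out);                 /* "ab" : strlen() stopped at the NUL */
    return 0;
}
```

The bounded variant is the one a caller can reason about: its read extent is an explicit parameter checked in one place rather than a property of every buffer that ever reaches the logging path.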