| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jun 2018 14:59:58 +0200
From: Christophe LEROY <christophe.leroy@....fr>
To: Stafford Horne <shorne@...il.com>,
LKML <linux-kernel@...r.kernel.org>
Cc: Greg KH <gregkh@...uxfoundation.org>, arnd@...db.de,
Eric Biggers <ebiggers3@...il.com>,
linux-crypto@...r.kernel.org, Max Filippov <jcmvbkbc@...il.com>,
Nick Desaulniers <nick.desaulniers@...il.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH v2 1/2] crypto: Fix -Wstringop-truncation warnings
Le 25/06/2018 à 14:45, Stafford Horne a écrit :
> As of GCC 9.0.0 the build is reporting warnings like:
>
> crypto/ablkcipher.c: In function ‘crypto_ablkcipher_report’:
> crypto/ablkcipher.c:374:2: warning: ‘strncpy’ specified bound 64 equals destination size [-Wstringop-truncation]
> strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>",
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> sizeof(rblkcipher.geniv));
> ~~~~~~~~~~~~~~~~~~~~~~~~~
>
> This means the strnycpy might create a non null terminated string. Fix this by
> explicitly performing '\0' termination.
>
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> Cc: Arnd Bergmann <arnd@...db.de>
> Cc: Max Filippov <jcmvbkbc@...il.com>
> Cc: Eric Biggers <ebiggers3@...il.com>
> Cc: Nick Desaulniers <nick.desaulniers@...il.com>
> Signed-off-by: Stafford Horne <shorne@...il.com>
> ---
> crypto/ablkcipher.c | 2 ++
> crypto/blkcipher.c | 1 +
> 2 files changed, 3 insertions(+)
>
> diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
> index d880a4897159..1edb5000d783 100644
> --- a/crypto/ablkcipher.c
> +++ b/crypto/ablkcipher.c
> @@ -373,6 +373,7 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
> strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type));
> strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>",
> sizeof(rblkcipher.geniv));
Is it worth copying something we are going to discard at the following
line ? Shouldn't you limit the copy to sizeof(rblkcipher.geniv) - 1 ?
> + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0';
>
> rblkcipher.blocksize = alg->cra_blocksize;
> rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
> @@ -447,6 +448,7 @@ static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
> strncpy(rblkcipher.type, "givcipher", sizeof(rblkcipher.type));
> strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<built-in>",
> sizeof(rblkcipher.geniv));
Same comment here.
Christophe
> + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0';
>
> rblkcipher.blocksize = alg->cra_blocksize;
> rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
> diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c
> index 01c0d4aa2563..dd4dcab3766a 100644
> --- a/crypto/blkcipher.c
> +++ b/crypto/blkcipher.c
> @@ -512,6 +512,7 @@ static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
> strncpy(rblkcipher.type, "blkcipher", sizeof(rblkcipher.type));
> strncpy(rblkcipher.geniv, alg->cra_blkcipher.geniv ?: "<default>",
> sizeof(rblkcipher.geniv));
> + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0';
>
> rblkcipher.blocksize = alg->cra_blocksize;
> rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize;
>
Powered by blists - more mailing lists