| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Jul 2018 10:00:23 +0200
From: Dominique Martinet <asmadeus@...ewreck.org>
To: Himanshu Jha <himanshujha199640@...il.com>
Cc: Michal Marek <michal.lkml@...kovi.net>,
Nicolas Palix <nicolas.palix@...g.fr>,
linux-kernel@...r.kernel.org, cocci@...teme.lip6.fr,
Ville Syrjälä <ville.syrjala@...ux.intel.com>
Subject: Re: [Cocci] [PATCH 01/18] coccinelle: change strncpy+truncation to
strlcpy
Himanshu Jha wrote on Fri, Jul 13, 2018:
> > I expect each maintainer will pick their share of the patchs if they
> > agree with it and the rest will just be dropped?
>
> Masahiro Yamada <yamada.masahiro@...ionext.com> takes coccinelle patches,
> so please cc him or your patch would be lost.
Thanks, will do.
> > +virtual patch
> > +virtual context
>
> You might consider adding context rule or remove this line perhaps ?
Victim of copypasta, I'll remove this.
> > +-strncpy@p(
> > ++strlcpy(
> > + dest, src, sz);
> > +-dest[sz - 1] = '\0';
>
> The above rule produces an output that I think is not correct:
> --------------------------------------------------------------
> diff =
> diff -u -p a//ti/wl1251/acx.c b//ti/wl1251/acx.c
> --- a//ti/wl1251/acx.c
> +++ b//ti/wl1251/acx.c
> @@ -150,14 +150,7 @@ int wl1251_acx_fw_version(struct wl1251
> }
>
> /* be careful with the buffer sizes */
> - strncpy(buf, rev->fw_version, min(len, sizeof(rev->fw_version)));
> -
> - /*
> - * if the firmware version string is exactly
> - * sizeof(rev->fw_version) long or fw_len is less than
> - * sizeof(rev->fw_version) it won't be null terminated
> - */
> - buf[min(len, sizeof(rev->fw_version)) - 1] = '\0';
> + strlcpy(buf, rev->fw_version, min(len, sizeof(rev->fw_version)));
>
> -----------------------------------------------------------------
>
> I think the comment is useful and should not be removed.
I agree this comment is useful now that I'm taking a closer look, I
glanced at this too fast.
I'm not sure how to make coccinelle not remove comments between lines
though?
> Also, consider changing Confidence level appropriately.
I am (was?) pretty confident on the change itself, the only exceptions
would be if someone relied on strncpy to fill the end of the buffer with
zero to not leak data somewhere but that is not easy to judge by itself
(although I hope rare enough)
I'm honestly not sure what would be appropriate in this case.
--
Dominique Martinet
Powered by blists - more mailing lists