lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <27174519.SfbcIoB6Yp@machine> Date: Tue, 20 Oct 2020 12:17:15 +0200 From: Francis Laniel <laniel_francis@...vacyrequired.com> To: Jakub Kicinski <kuba@...nel.org> Cc: linux-hardening@...r.kernel.org, davem@...emloft.net Subject: Re: [RFC][PATCH v2 2/3] Modify return value of nla_strlcpy to match that of strscpy. Le lundi 19 octobre 2020, 18:43:55 CEST Jakub Kicinski a écrit : > On Mon, 19 Oct 2020 17:23:30 +0200 laniel_francis@...vacyrequired.com > > wrote: > > diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h > > index d4d461236351..85f4ac779399 100644 > > --- a/include/net/pkt_cls.h > > +++ b/include/net/pkt_cls.h > > @@ -4,6 +4,7 @@ > > > > #include <linux/pkt_cls.h> > > #include <linux/workqueue.h> > > > > +#include <linux/errno.h> > > Stray include. I removed it from my patch. Did you use a tool to see this include is not used? If yes, which one? > > #include <net/sch_generic.h> > > #include <net/act_api.h> > > #include <net/net_namespace.h> > > > > diff --git a/lib/nlattr.c b/lib/nlattr.c > > index 07156e581997..d692716bda78 100644 > > --- a/lib/nlattr.c > > +++ b/lib/nlattr.c > > @@ -713,30 +713,39 @@ EXPORT_SYMBOL(nla_find); > > > > * @dst: where to copy the string to > > * @nla: attribute to copy the string from > > * @dstsize: size of destination buffer > > > > + * @returns: -E2BIG if @dstsize is 0 or source buffer length greater than > > I don't think this is correct format for kdoc. I corrected it. I will take the habit to run scripts/kernel-doc on my modifications. > > + * @dstsize, otherwise it returns the number of copied characters (not > > + * including the trailing %NUL). > > > > * > > * Copies at most dstsize - 1 bytes into the destination buffer. > > > > - * The result is always a valid NUL-terminated string. Unlike > > - * strlcpy the destination buffer is always padded out. > > - * > > - * Returns the length of the source buffer. > > + * Unlike strlcpy the destination buffer is always padded out. > > > > */ > > > > -size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize) > > +ssize_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize) > > > > { > > > > + size_t len; > > + ssize_t ret; > > > > size_t srclen = nla_len(nla); > > char *src = nla_data(nla); > > Sort local variables long to short. > > > + if (dstsize == 0 || WARN_ON_ONCE(dstsize > INT_MAX)) > > You can make it > U16_MAX, attr len is 16 bit. Done for v3! > > > + return -E2BIG; > > + > > > > if (srclen > 0 && src[srclen - 1] == '\0') > > > > srclen--; > > > > - if (dstsize > 0) { > > - size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen; > > - > > - memcpy(dst, src, len); > > - /* Zero pad end of dst. */ > > - memset(dst + len, 0, dstsize - len); > > + if (srclen >= dstsize) { > > + len = dstsize - 1; > > + ret = -E2BIG; > > + } else { > > + len = srclen; > > + ret = len; > > > > } > > > > - return srclen; > > + memcpy(dst, src, len); > > + /* Zero pad end of dst. */ > > + memset(dst + len, 0, dstsize - len); > > + > > + return ret; > > > > } > > EXPORT_SYMBOL(nla_strlcpy); > > > > diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c > > index 41a55c6cbeb8..f0bf64393cbf 100644 > > --- a/net/sched/cls_api.c > > +++ b/net/sched/cls_api.c > > @@ -223,7 +223,7 @@ static inline u32 tcf_auto_prio(struct tcf_proto *tp) > > > > static bool tcf_proto_check_kind(struct nlattr *kind, char *name) > > { > > > > if (kind) > > > > - return nla_strlcpy(name, kind, IFNAMSIZ) >= IFNAMSIZ; > > + return nla_strlcpy(name, kind, IFNAMSIZ) > 0; > > Bug. > > > memset(name, 0, IFNAMSIZ); > > return false; > > > > }
Powered by blists - more mailing lists