lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2449441.JnRqNryMRx@machine> Date: Tue, 20 Oct 2020 12:18:58 +0200 From: Francis Laniel <laniel_francis@...vacyrequired.com> To: Jakub Kicinski <kuba@...nel.org> Cc: Kees Cook <keescook@...omium.org>, linux-hardening@...r.kernel.org, davem@...emloft.net Subject: Re: [RFC][PATCH v2 0/3] Fix inefficiences and rename nla_strlcpy Le mardi 20 octobre 2020, 01:34:12 CEST Jakub Kicinski a écrit : > On Mon, 19 Oct 2020 15:58:36 -0700 Kees Cook wrote: > > On Mon, Oct 19, 2020 at 09:45:15AM -0700, Jakub Kicinski wrote: > > > On Mon, 19 Oct 2020 17:23:28 +0200 laniel_francis@...vacyrequired.com > > > > > > wrote: > > > > To sum up, the first patch fixes an inefficiency where some bytes in > > > > dst were written twice, one with 0 the other with src content. > > > > The second one modifies nla_strlcpy to return the same value as > > > > strscpy, > > > > i.e. number of bytes written or -E2BIG if src was truncated. > > > > The third rename nla_strlcpy to nla_strcpy. > > > > > > > > Unfortunately, I did not find how to create struct nlattr objects so I > > > > tested my modifications on simple char*. > > > > This is why I tag this patch set as RFC. > > > > > > > > If you see any way to improve the code or have any remark, feel free > > > > to comment.> > > > > You follow semantics of strscpy, yet rename to strcpy. Wouldn't it be > > > more intuitive for developers to rename to nla_strscpy? > > > > It's closer to strscpy_pad() but that seems a long name. What's > > preferred from the NLA perspective? > > I think the pad part is pretty much implied in the netlink world. > All this stuff goes to user space, so we can't have uninit memory. > We may get more informed opinions once this hits netdev@. I will rename it nla_strscpy for the next version and we will discuss the name with the netdev list.
Powered by blists - more mailing lists