lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <202010211646.28D4C5642@keescook> Date: Wed, 21 Oct 2020 16:46:23 -0700 From: Kees Cook <keescook@...omium.org> To: laniel_francis@...vacyrequired.com Cc: linux-hardening@...r.kernel.org, netdev@...r.kernel.org, davem@...emloft.net, kuba@...nel.org Subject: Re: [RFC][PATCH v3 1/3] Fix unefficient call to memset before memcpu in nla_strlcpy. On Tue, Oct 20, 2020 at 06:47:05PM +0200, laniel_francis@...vacyrequired.com wrote: > From: Francis Laniel <laniel_francis@...vacyrequired.com> > > Before this commit, nla_strlcpy first memseted dst to 0 then wrote src into it. > This is inefficient because bytes whom number is less than src length are written > twice. > > This patch solves this issue by first writing src into dst then fill dst with > 0's. > Note that, in the case where src length is higher than dst, only 0 is written. > Otherwise there are as many 0's written to fill dst. > > For example, if src is "foo\0" and dst is 5 bytes long, the result will be: > 1. "fooGG" after memcpy (G means garbage). > 2. "foo\0\0" after memset. > > Signed-off-by: Francis Laniel <laniel_francis@...vacyrequired.com> Looks good! (If there are future versions of this series, I think you can drop the RFC part...) Reviewed-by: Kees Cook <keescook@...omium.org> -- Kees Cook
Powered by blists - more mailing lists