| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Sep 2023 22:31:20 -0700
From: Justin Stitt <justinstitt@...gle.com>
To: Samuel Thibault <samuel.thibault@...-lyon.org>,
Justin Stitt <justinstitt@...gle.com>,
Kees Cook <keescook@...omium.org>,
William Hubbs <w.d.hubbs@...il.com>,
Chris Brannon <chris@...-brannons.com>,
Kirk Reiser <kirk@...sers.ca>, speakup@...ux-speakup.org,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] accessibility: speakup: refactor deprecated strncpy
On Sat, Sep 16, 2023 at 4:08 PM Samuel Thibault
<samuel.thibault@...-lyon.org> wrote:
>
> Hello,
>
> Justin Stitt, le ven. 25 août 2023 15:41:03 -0700, a ecrit:
> > Thanks for the review Kees and Samuel. Hoping to get this picked-up soon :)
> >
> > FWIW, I've quickly copy/pasted Kees' suggested refactor of
> > synth_direct_store and rebased against v6.5-rc7 if anyone has the
> > means by which to test it.
> >
> > TEST PATCH BELOW
> > ---
> > From e7216bca30673a162660c51f8bad3b463d283041 Mon Sep 17 00:00:00 2001
> > From: Justin Stitt <justinstitt@...gle.com>
> > Date: Fri, 25 Aug 2023 22:32:03 +0000
> > Subject: [PATCH NEEDS TEST] synth_direct_store refactor to use synth_write
> >
> > I've just copy/pasted Kees' suggestion here [1] and rebased it against
> > 6.5-rc7.
> >
> > This patch needs testing as it refactors behavior in synth_direct_store.
> >
> > [1]: https://lore.kernel.org/all/202308251439.36BC33ADB2@keescook/
> >
> > Signed-off-by: Justin Stitt <justinstitt@...gle.com>
>
> Tested-by: Samuel Thibault <samuel.thibault@...-lyon.org>
>
> but please submit it properly :) It was completely mangled in the mail.
Got it, here's a v2:
https://lore.kernel.org/all/20230918-strncpy-drivers-accessibility-speakup-kobjects-c-v2-1-d5b1976c5dbf@google.com/
>
> > ---
> > drivers/accessibility/speakup/kobjects.c | 25 +++++++++++-------------
> > 1 file changed, 11 insertions(+), 14 deletions(-)
> >
> > diff --git a/drivers/accessibility/speakup/kobjects.c
> > b/drivers/accessibility/speakup/kobjects.c
> > index a7522d409802..0dfdb6608e02 100644
> > --- a/drivers/accessibility/speakup/kobjects.c
> > +++ b/drivers/accessibility/speakup/kobjects.c
> > @@ -413,27 +413,24 @@ static ssize_t synth_direct_store(struct kobject *kobj,
> > struct kobj_attribute *attr,
> > const char *buf, size_t count)
> > {
> > - u_char tmp[256];
> > - int len;
> > - int bytes;
> > - const char *ptr = buf;
> > + char *unescaped;
> > unsigned long flags;
> >
> > if (!synth)
> > return -EPERM;
> >
> > - len = strlen(buf);
> > + unescaped = kstrdup(buf, GFP_KERNEL);
> > + if (!unescaped)
> > + return -ENOMEM;
> > +
> > + string_unescape_any_inplace(unescaped);
> > +
> > spin_lock_irqsave(&speakup_info.spinlock, flags);
> > - while (len > 0) {
> > - bytes = min_t(size_t, len, 250);
> > - strncpy(tmp, ptr, bytes);
> > - tmp[bytes] = '\0';
> > - string_unescape_any_inplace(tmp);
> > - synth_printf("%s", tmp);
> > - ptr += bytes;
> > - len -= bytes;
> > - }
> > + synth_write(unescaped, strlen(unescaped));
> > spin_unlock_irqrestore(&speakup_info.spinlock, flags);
> > +
> > + kfree(unescaped);
> > +
> > return count;
> > }
> >
> > --
> > 2.42.0.rc1.204.g551eb34607-goog
> >
>
> --
> Samuel
> ---
> Pour une évaluation indépendante, transparente et rigoureuse !
> Je soutiens la Commission d'Évaluation de l'Inria.
Powered by blists - more mailing lists