lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20231211-strncpy-drivers-net-mdio-mdio-gpio-c-v3-1-76dea53a1a52@google.com> Date: Mon, 11 Dec 2023 19:10:00 +0000 From: Justin Stitt <justinstitt@...gle.com> To: Andrew Lunn <andrew@...n.ch>, Heiner Kallweit <hkallweit1@...il.com>, Russell King <linux@...linux.org.uk>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com> Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org, Justin Stitt <justinstitt@...gle.com> Subject: [PATCH v3] net: mdio-gpio: replace deprecated strncpy with strscpy strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We expect new_bus->id to be NUL-terminated but not NUL-padded based on its prior assignment through snprintf: | snprintf(new_bus->id, MII_BUS_ID_SIZE, "gpio-%x", bus_id); Due to this, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. We can also use sizeof() instead of a length macro as this more closely ties the maximum buffer size to the destination buffer. Do this for two instances. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@...r.kernel.org Signed-off-by: Justin Stitt <justinstitt@...gle.com> --- Changes in v3: - swap another instance of MII_BUS_ID_SIZE to sizeof() (thanks Russell) - rebase onto mainline bee0e7762ad2c602 - Link to v2: https://lore.kernel.org/r/20231207-strncpy-drivers-net-mdio-mdio-gpio-c-v2-1-c28d52dd3dfe@google.com Changes in v2: - change subject line as it was causing problems in patchwork with "superseded" label being improperly applied. - update commit msg with rationale around sizeof() (thanks Kees) - Link to v1 (lore): https://lore.kernel.org/r/20231012-strncpy-drivers-net-mdio-mdio-gpio-c-v1-1-ab9b06cfcdab@google.com - Link to v1 (patchwork): https://patchwork.kernel.org/project/netdevbpf/patch/20231012-strncpy-drivers-net-mdio-mdio-gpio-c-v1-1-ab9b06cfcdab@google.com/ - Link to other patch with same subject message: https://patchwork.kernel.org/project/netdevbpf/patch/20231012-strncpy-drivers-net-phy-mdio_bus-c-v1-1-15242e6f9ec4@google.com/ --- Note: build-tested only. Found with: $ rg "strncpy\(" --- drivers/net/mdio/mdio-gpio.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/mdio/mdio-gpio.c b/drivers/net/mdio/mdio-gpio.c index 897b88c50bbb..778db310a28d 100644 --- a/drivers/net/mdio/mdio-gpio.c +++ b/drivers/net/mdio/mdio-gpio.c @@ -123,9 +123,9 @@ static struct mii_bus *mdio_gpio_bus_init(struct device *dev, new_bus->parent = dev; if (bus_id != -1) - snprintf(new_bus->id, MII_BUS_ID_SIZE, "gpio-%x", bus_id); + snprintf(new_bus->id, sizeof(new_bus->id), "gpio-%x", bus_id); else - strncpy(new_bus->id, "gpio", MII_BUS_ID_SIZE); + strscpy(new_bus->id, "gpio", sizeof(new_bus->id)); if (pdata) { new_bus->phy_mask = pdata->phy_mask; --- base-commit: bee0e7762ad2c6025b9f5245c040fcc36ef2bde8 change-id: 20231012-strncpy-drivers-net-mdio-mdio-gpio-c-bddd9ed0c630 Best regards, -- Justin Stitt <justinstitt@...gle.com>
Powered by blists - more mailing lists