| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 03 Jul 2014 12:53:14 +0300
From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: "John W. Linville" <linville@...driver.com>,
Johannes Berg <johannes@...solutions.net>,
devel@...verdev.osuosl.org, linux-wireless@...r.kernel.org,
linux-kernel@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH 2/6] lib / string_helpers: introduce string_escape_mem()
On Wed, 2014-07-02 at 15:01 -0700, Andrew Morton wrote:
> On Wed, 2 Jul 2014 16:20:25 +0300 Andy Shevchenko <andriy.shevchenko@...ux.intel.com> wrote:
>
> > This is almost the opposite function to string_unescape(). Nevertheless it
> > handles \0 and could be used for any byte buffer.
> >
> > The documentation is supplied together with the function prototype.
> >
> > The test cases covers most of the scenarios and would be expanded later on.
> >
> > ...
> >
> > --- a/include/linux/string_helpers.h
> > +++ b/include/linux/string_helpers.h
> > @@ -71,4 +71,87 @@ static inline int string_unescape_any_inplace(char *buf)
> > return string_unescape_any(buf, buf, 0);
> > }
> >
> > +#define ESCAPE_SPACE 0x01
> > +#define ESCAPE_SPECIAL 0x02
> > +#define ESCAPE_NULL 0x04
> > +#define ESCAPE_OCTAL 0x08
> > +#define ESCAPE_ANY \
> > + (ESCAPE_SPACE | ESCAPE_OCTAL | ESCAPE_SPECIAL | ESCAPE_NULL)
> > +#define ESCAPE_NP 0x10
> > +#define ESCAPE_ANY_NP (ESCAPE_ANY | ESCAPE_NP)
> > +#define ESCAPE_HEX 0x20
> > +
> > +/**
> > + * string_escape_mem - quote characters in the given memory buffer
>
> It drive me nuts when the kerneldoc is in the .h file. Who thinks of
> looking there? I realise that string_unescape() already did that, but
> I'd prefer that we fix string_unescape() rather than imitate it.
No problem, I will do this in separate patch.
>
> > --- a/lib/string_helpers.c
> > +++ b/lib/string_helpers.c
>
> This is a lot of code! Adds nearly a kbyte. I'm surprised that
> escaping a string is so verbose.
> I wonder if the implementation really needs to be so comprehensive?
I studied several kernel cases and try to cover most of them.
> Would a table-driven approach be more compact?
Do you mean something like ctype set of functions?
I wouldn't think so, we have a lot of variations how we would like to
escape. Currently I have such cases covered in terms of flags I
introduced (not all of them in this series):
- ESCAPE_OCTAL (with dictionary)
- ESCAPE_ANY_NP
- ESCAPE_HEX | ESCAPE_NP
- ESCAPE_NULL
... not yet in form of patch
- ESCAPE_SPACE | ESCAPE_SPECIAL (with dictionary)
I can't currently realize how table could cover all of that.
> > static int __init test_string_helpers_init(void)
> > {
> > unsigned int i;
> > @@ -112,6 +315,16 @@ static int __init test_string_helpers_init(void)
> > test_string_unescape("unescape inplace",
> > get_random_int() % (UNESCAPE_ANY + 1), true);
> >
> > + /* Without dictionary */
> > + for (i = 0; i < (ESCAPE_ANY_NP | ESCAPE_HEX) + 1; i++)
> > + test_string_escape("escape 0", escape0, i, TEST_STRING_2_DICT_0);
> > +
> > + /* With dictionary */
> > + for (i = 0; i < (ESCAPE_ANY_NP | ESCAPE_HEX) + 1; i++)
> > + test_string_escape("escape 1", escape1, i, TEST_STRING_2_DICT_1);
> > +
> > + test_string_escape_nomem();
> > +
> > return -EINVAL;
> > }
>
> I wonder why this returns -EINVAL.
The idea of course to not let module be loaded. I saw this return code
in test_kstrtox.c. Would you suggest better approach?
--
Andy Shevchenko <andriy.shevchenko@...el.com>
Intel Finland Oy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists