lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20140903095742.GA5058@mwanda>
Date:	Wed, 3 Sep 2014 12:57:42 +0300
From:	Dan Carpenter <dan.carpenter@...cle.com>
To:	rickard_strandqvist@...ctrumdigital.se,
	Nicholas Bellinger <nab@...ux-iscsi.org>
Cc:	target-devel@...r.kernel.org, Joe Perches <joe@...ches.com>,
	Kees Cook <keescook@...omium.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: re: target: target_core_transport.c: Cleaning up missing
 null-terminate in conjunction with strncpy

The patch 6cfa853ceee4: "target: target_core_transport.c: Cleaning up
missing null-terminate in conjunction with strncpy" from Aug 3, 2014,
leads to the following static checker warning:

	drivers/target/target_core_transport.c:956 transport_dump_vpd_ident_type()
	error: potentially dereferencing uninitialized 'len'.

drivers/target/target_core_transport.c
   955          default:
   956                  len = strlen(len);
                        ^^^^^^^^^^^^^^^^^

This was obviously supposed to be strlen(buf) and no one compile tested
it...  But the patch is called "missing null-terminate" when actually
the original code was fine as far as I can see.

Apparently, as a safety measure we're trying to replace every strncpy()
with:

	strncpy(foo, bar, sizeof(foo));
	foo[sizeof(foo) - 1] = '\0';

We should have a function for this.  We used to use strlcpy() but people
complained that it could read beyond the end of the src string.  Also it
doesn't pad the string with zeros.  So now we're open coding NUL
terminators everywhere so the code is easier to audit.

That sucks and makes the code messier.

Rickard, please, let's find a cleaner way to do this.

regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ