Message-ID: <CALCETrW2YxHeaejGOvpeG2rHwX9sbaw8hQ3xqZ+qRGPtpcuVpQ@mail.gmail.com>
Date:	Tue, 19 May 2015 13:16:23 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Borislav Petkov <bp@...en8.de>
Cc:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Fenghua Yu <fenghua.yu@...el.com>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Denys Vlasenko <dvlasenk@...hat.com>,
	Ingo Molnar <mingo@...hat.com>,
	Brian Gerst <brgerst@...il.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Igor Mammedov <imammedo@...hat.com>,
	"the arch/x86 maintainers" <x86@...nel.org>,
	Prarit Bhargava <prarit@...hat.com>
Subject: Re: [PATCH] x86, cpuinfo x86_model_id whitespace cleanup

On Tue, May 19, 2015 at 12:22 PM, Borislav Petkov <bp@...en8.de> wrote:
> On Tue, May 19, 2015 at 11:44:41AM -0700, Andy Lutomirski wrote:
>> On May 19, 2015 11:13 AM, "Borislav Petkov" <bp@...en8.de> wrote:
>> >
>> > On Tue, May 19, 2015 at 01:25:59PM -0400, Brian Gerst wrote:
>> > > Using strlcpy in this manner could fail if it does larger than byte
>> > > copies and they overlap.
>> >
>> > Why?
>> >
>> > AFAICT, strlcpy() calls memcpy() and memcpy should handle overlapping
>> > buffers just fine.
>>
>> Are you thinking of memmove?
>
> I guess I'm trying to find out why don't we have a BIG FAT WARNING over
> memcpy saying not to use it with overlapping buffers and larger than
> byte sizes. Or maybe this is something everyone, except me, just knows
> and that's a "Doh, Boris, of course!".
>
> Btw, can we still avoid using the temporary buffer and use strncpy()
> instead? AFAICT, that does byte copies, from looking at the asm.

It's not just chunk size; it's the direction.  If the dest starts
after the source but overlaps it and you copy forwards, then you can
clobber the end of the source before you read it.  memmove is
specifically intended to avoid this.

Would it be possible to just use memmove directly?

--Andy
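
The overlap hazard described in this message, as an added example that is not part of the original thread or of the kernel patch. `forward_copy`, `shift_right` and `strip_leading` are hypothetical helpers and the strings are constructed sample data; the forward copy stands in for one behaviour a `memcpy()` implementation is allowed to have.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: plain forward, byte-at-a-time copy. */
static void forward_copy(char *dst, const char *src, size_t n)
{
    for (size_t i = 0; i < n; i++)
        dst[i] = src[i];
}

/* Shift "abcdef" right by two inside one buffer, so dst starts after src
 * and overlaps it. use_memmove selects memmove() or the forward copy. */
static void shift_right(char *out, size_t outsz, int use_memmove)
{
    char buf[16] = "abcdef";            /* constructed sample data */

    if (use_memmove)
        memmove(buf + 2, buf, 6);       /* defined for overlapping regions */
    else
        forward_copy(buf + 2, buf, 6);  /* overwrites "cdef" before reading it */
    buf[8] = '\0';
    snprintf(out, outsz, "%s", buf);
}

/* Strip leading spaces in place (dst before src, still overlapping). */
static void strip_leading(char *s)
{
    char *p = s;

    while (*p == ' ')
        p++;
    memmove(s, p, strlen(p) + 1);       /* +1 carries the terminating NUL */
}

int main(void)
{
    char out[16];
    char id[32] = "   Example CPU @ 2.00GHz";   /* constructed sample data */

    shift_right(out, sizeof(out), 0);
    printf("forward copy: %s\n", out);
    shift_right(out, sizeof(out), 1);
    printf("memmove:      %s\n", out);
    strip_leading(id);
    printf("stripped:     \"%s\"\n", id);
    return 0;
}
```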