lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <51902bcc-f5e6-ff9a-9aeb-bf7b8deeaf26@bingham.xyz>
Date:   Mon, 31 Oct 2016 15:01:52 +0000
From:   Kieran Bingham <kieran@...uared.org.uk>
To:     Peter Rosin <peda@...ntia.se>, Lee Jones <lee.jones@...aro.org>
Cc:     Wolfram Sang <wsa@...-dreams.de>, linux-i2c@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Javier Martinez Canillas <javier@....samsung.com>,
        sameo@...ux.intel.com
Subject: Re: [PATCHv6 08/11] i2c: match vendorless strings on the internal
 string length

Hi Peter,

Thanks for your review

On 31/10/16 13:55, Peter Rosin wrote:
> On 2016-10-26 10:53, Lee Jones wrote:
>> On Tue, 25 Oct 2016, Kieran Bingham wrote:
>>
>>> If a user provides a shortened string to match a device to the sysfs i2c
>>> interface it will match on the first string that contains that string
>>> prefix.
>>>
>>> for example:
>>>   echo a 0x68 > /sys/bus/i2c/devices/i2c-2/new_device
>>>
>>> will match as3711, as3722, and ak8975 incorrectly.
>>>
>>> Signed-off-by: Kieran Bingham <kieran@...gham.xyz>
>>
>> Acked-by: Lee Jones <lee.jones@...aro.org>
>>   
>>> ---
>>>  drivers/i2c/i2c-core.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/i2c/i2c-core.c b/drivers/i2c/i2c-core.c
>>> index 01bce56f733a..50c9cfdb87b7 100644
>>> --- a/drivers/i2c/i2c-core.c
>>> +++ b/drivers/i2c/i2c-core.c
>>> @@ -1708,7 +1708,7 @@ i2c_of_match_device_strip_vendor(const struct of_device_id *matches,
>>>  		else
>>>  			name++;
>>>  
>>> -		if (!strncasecmp(client->name, name, strlen(client->name)))
>>> +		if (!strncasecmp(client->name, name, strlen(name)))
>>>  			return matches;
>>>  	}
>>>  
>>
> 
> Is that really so much better?

My original thought was that it verifies 'more' of the userspace input.
but...

> With this patch
> 	echo as3711CRAP 0x68 > /sys/...
> will match as3711.
>
> What if there is some as37112 driver that is the real target?

You're right - It looks like the only way to do this correctly is to
match the strncasecmp and the strlen of both strings.

So really we should be using sysfs_streq(). The only limitation there is
that this original code was performing a case-insensitive compare.

Lee - Where did the requirement for case insensitive matching come from
in your original code. Is it expected to be case-insensitive from the
I2C sysfs interface? or are dt-nodes expected to be case-sensitive?

Does anyone see reason that this shouldn't be using sysfs_streq()? or do
we need a sysfs_strcaseeq()...

> Cheers,
> Peter
> 

-- 
Regards

Kieran Bingham

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ