lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 2 Oct 2018 16:53:16 +0100
From:   Daniel Thompson <daniel.thompson@...aro.org>
To:     Prarit Bhargava <prarit@...hat.com>, linux-kernel@...r.kernel.org
Cc:     Jonathan Toppins <jtoppins@...hat.com>,
        Jason Wessel <jason.wessel@...driver.com>,
        kgdb-bugreport@...ts.sourceforge.net
Subject: Re: [PATCH v2] kdb: Use strscpy with destination buffer size

On 20/09/2018 13:59, Prarit Bhargava wrote:
> gcc 8.1.0 warns with:
> 
> kernel/debug/kdb/kdb_support.c: In function ‘kallsyms_symbol_next’:
> kernel/debug/kdb/kdb_support.c:239:4: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
>       strncpy(prefix_name, name, strlen(name)+1);
>       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> kernel/debug/kdb/kdb_support.c:239:31: note: length computed here
> 
> Use strscpy() with the destination buffer size, and use ellipses when
> displaying truncated symbols.
> 
> v2: Use strscpy()
> 
> Signed-off-by: Prarit Bhargava <prarit@...hat.com>
> Cc: Jonathan Toppins <jtoppins@...hat.com>
> Cc: Jason Wessel <jason.wessel@...driver.com>
> Cc: Daniel Thompson <daniel.thompson@...aro.org>
> Cc: kgdb-bugreport@...ts.sourceforge.net
> ---
>   kernel/debug/kdb/kdb_io.c      | 15 +++++++++------
>   kernel/debug/kdb/kdb_private.h |  2 +-
>   kernel/debug/kdb/kdb_support.c | 10 +++++-----
>   3 files changed, 15 insertions(+), 12 deletions(-)
> 
> diff --git a/kernel/debug/kdb/kdb_io.c b/kernel/debug/kdb/kdb_io.c
> index ed5d34925ad0..6a4b41484afe 100644
> --- a/kernel/debug/kdb/kdb_io.c
> +++ b/kernel/debug/kdb/kdb_io.c
> @@ -216,7 +216,7 @@ static char *kdb_read(char *buffer, size_t bufsize)
>   	int count;
>   	int i;
>   	int diag, dtab_count;
> -	int key;
> +	int key, buf_size, ret;
>   
>   
>   	diag = kdbgetintenv("DTABCOUNT", &dtab_count);
> @@ -336,9 +336,8 @@ static char *kdb_read(char *buffer, size_t bufsize)
>   		else
>   			p_tmp = tmpbuffer;
>   		len = strlen(p_tmp);
> -		count = kallsyms_symbol_complete(p_tmp,
> -						 sizeof(tmpbuffer) -
> -						 (p_tmp - tmpbuffer));
> +		buf_size = sizeof(tmpbuffer) - (p_tmp - tmpbuffer);
> +		count = kallsyms_symbol_complete(p_tmp, buf_size);
>   		if (tab == 2 && count > 0) {
>   			kdb_printf("\n%d symbols are found.", count);
>   			if (count > dtab_count) {
> @@ -350,9 +349,13 @@ static char *kdb_read(char *buffer, size_t bufsize)
>   			}
>   			kdb_printf("\n");
>   			for (i = 0; i < count; i++) {
> -				if (WARN_ON(!kallsyms_symbol_next(p_tmp, i)))
> +				ret = kallsyms_symbol_next(p_tmp, i, buf_size);
> +				if (WARN_ON(!ret))
>   					break;
I'm getting confused by having two different branches on ret.

Don't get a WARN_ON() when ret == -E2BIG?


Daniel.


> -				kdb_printf("%s ", p_tmp);
> +				if (ret != -E2BIG)
> +					kdb_printf("%s ", p_tmp);
> +				else
> +					kdb_printf("%s... ", p_tmp);
>   				*(p_tmp + len) = '\0';
>   			}
>   			if (i >= dtab_count)

Powered by blists - more mailing lists