lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190109154022.23551-1-andriy.shevchenko@linux.intel.com>
Date:   Wed,  9 Jan 2019 17:40:22 +0200
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Alexander Viro <viro@...iv.linux.org.uk>,
        linux-fsdevel@...r.kernel.org,
        Andrew Morton <akpm@...ux-foundation.org>,
        linux-kernel@...r.kernel.org, Kees Cook <keescook@...omium.org>
Cc:     Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Subject: [PATCH v1] seq_file: convert mangle_path() to use string_escape_str()

Since string_escape_str() does not support overlapping buffer first we check if
there is enough room in the buffer and then update a path. The side effect of
this change is in case of failure the buffer is left unchanged.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
---
 fs/seq_file.c | 22 +++++++---------------
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/fs/seq_file.c b/fs/seq_file.c
index 1dea7a8a5255..b818b23070e6 100644
--- a/fs/seq_file.c
+++ b/fs/seq_file.c
@@ -421,21 +421,13 @@ EXPORT_SYMBOL(seq_printf);
  */
 char *mangle_path(char *s, const char *p, const char *esc)
 {
-	while (s <= p) {
-		char c = *p++;
-		if (!c) {
-			return s;
-		} else if (!strchr(esc, c)) {
-			*s++ = c;
-		} else if (s + 4 > p) {
-			break;
-		} else {
-			*s++ = '\\';
-			*s++ = '0' + ((c & 0300) >> 6);
-			*s++ = '0' + ((c & 070) >> 3);
-			*s++ = '0' + (c & 07);
-		}
-	}
+	size_t len = p + strlen(p) - s;
+	int ret;
+
+	ret = string_escape_str(p, NULL, 0, ESCAPE_OCTAL, esc);
+	if (ret < len)
+		return s + string_escape_str(p, s, len, ESCAPE_OCTAL, esc);
+
 	return NULL;
 }
 EXPORT_SYMBOL(mangle_path);
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ