| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5643a1971831ce2d01a947f0f07cefa002bbdc25.camel@linux.intel.com>
Date: Mon, 04 Mar 2019 16:22:52 -0600
From: Tom Zanussi <tom.zanussi@...ux.intel.com>
To: Steven Rostedt <rostedt@...dmis.org>,
Tom Zanussi <zanussi@...nel.org>
Cc: linux-kernel@...r.kernel.org, linux-rt-users@...r.kernel.org,
Namhyung Kim <namhyung@...nel.org>
Subject: Re: [PATCH 2/2] tracing: Use strncpy instead of memcpy for string
keys in hist triggers
Hi Steve,
On Mon, 2019-03-04 at 16:56 -0500, Steven Rostedt wrote:
> On Mon, 4 Mar 2019 16:50:00 -0500
> Steven Rostedt <rostedt@...dmis.org> wrote:
>
> > > +++ b/kernel/trace/trace_events_hist.c
> > > @@ -4695,9 +4695,10 @@ static inline void add_to_key(char
> > > *compound_key, void *key,
> > > /* ensure NULL-termination */
> > > if (size > key_field->size - 1)
> > > size = key_field->size - 1;
> > > - }
> > >
> > > - memcpy(compound_key + key_field->offset, key, size);
> > > + strncpy(compound_key + key_field->offset, (char *)key,
> > > size);
> > > + } else
> > > + memcpy(compound_key + key_field->offset, key, size);
> > > }
> > >
> >
> > Shouldn't we use strncpy() in save_comm() too. Feels safer.
>
> Note, if that is changed, it can be another patch. This one is fine
> as
> is. I just was looking at other use cases of memcpy() in that file.
>
Hmm, I don't think it's really necessary - it's not used in a key so
don't care about anything after the null, and TASK_COMM_LEN is used in
the memcpy.
Tom
> -- Steve
Powered by blists - more mailing lists