| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4017a4af4b0e4b96a6d7ed66afe18120@AcuMS.aculab.com>
Date: Thu, 25 Jul 2019 15:04:02 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Qian Cai' <cai@....pw>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>
CC: "tobin@...nel.org" <tobin@...nel.org>,
"rostedt@...dmis.org" <rostedt@...dmis.org>,
"mingo@...hat.com" <mingo@...hat.com>,
"tj@...nel.org" <tj@...nel.org>,
"dchinner@...hat.com" <dchinner@...hat.com>,
"fengguang.wu@...el.com" <fengguang.wu@...el.com>,
"jack@...e.cz" <jack@...e.cz>, "axboe@...nel.dk" <axboe@...nel.dk>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v2] writeback: fix -Wstringop-truncation warnings
From: Qian Cai
> Sent: 25 July 2019 15:39
>
> There are many of those warnings.
>
> In file included from ./arch/powerpc/include/asm/paca.h:15,
> from ./arch/powerpc/include/asm/current.h:13,
> from ./include/linux/thread_info.h:21,
> from ./include/asm-generic/preempt.h:5,
> from ./arch/powerpc/include/generated/asm/preempt.h:1,
> from ./include/linux/preempt.h:78,
> from ./include/linux/spinlock.h:51,
> from fs/fs-writeback.c:19:
> In function 'strncpy',
> inlined from 'perf_trace_writeback_page_template' at
> ./include/trace/events/writeback.h:56:1:
> ./include/linux/string.h:260:9: warning: '__builtin_strncpy' specified
> bound 32 equals destination size [-Wstringop-truncation]
> return __builtin_strncpy(p, q, size);
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Fix it by using the new strscpy_pad() which was introduced in the
> commit 458a3bf82df4 ("lib/string: Add strscpy_pad() function") and will
> always be NUL-terminated instead of strncpy(). Also, changes strlcpy()
> to use strscpy_pad() in this file for consistency.
>
> Fixes: 455b2864686d ("writeback: Initial tracing support")
> Fixes: 028c2dd184c0 ("writeback: Add tracing to balance_dirty_pages")
> Fixes: e84d0a4f8e39 ("writeback: trace event writeback_queue_io")
> Fixes: b48c104d2211 ("writeback: trace event bdi_dirty_ratelimit")
> Fixes: cc1676d917f3 ("writeback: Move requeueing when I_SYNC set to writeback_sb_inodes()")
> Fixes: 9fb0a7da0c52 ("writeback: add more tracepoints")
> Signed-off-by: Qian Cai <cai@....pw>
> ---
>
> v2: Use strscpy_pad() to address the possible data leaking concern from Steve [1].
> Replace strlcpy() as well for consistency.
>
> [1] https://lore.kernel.org/lkml/20190716170339.1c44719d@gandalf.local.home/
>
> include/trace/events/writeback.h | 39 +++++++++++++++++++++------------------
> 1 file changed, 21 insertions(+), 18 deletions(-)
>
> diff --git a/include/trace/events/writeback.h b/include/trace/events/writeback.h
> index aa7f3aeac740..41092d63a8de 100644
> --- a/include/trace/events/writeback.h
> +++ b/include/trace/events/writeback.h
> @@ -66,8 +66,10 @@
> ),
>
> TP_fast_assign(
> - strncpy(__entry->name,
> - mapping ? dev_name(inode_to_bdi(mapping->host)->dev) : "(unknown)", 32);
> + strscpy_pad(__entry->name,
> + mapping ?
> + dev_name(inode_to_bdi(mapping->host)->dev) :
> + "(unknown)", 32);
Shouldn't the 32 be 'sizeof (something)' ??
Oh, and a horrid line break.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists