lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Sep 2019 15:34:03 -0700
From:   Kees Cook <keescook@...omium.org>
To:     "J. Bruce Fields" <bfields@...hat.com>
Cc:     Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 9/9] Remove string_escape_mem_ascii

On Thu, Sep 05, 2019 at 03:44:33PM -0400, J. Bruce Fields wrote:
> From: "J. Bruce Fields" <bfields@...hat.com>
> 
> It's easier to do this in string_escape_mem now.
> 
> Might also consider non-ascii and quote-mark sprintf modifiers and then
> we might make do with seq_printk.

With '\' always handled, it can be dropped from the "esc" args below. I
wonder if ESCAPE_QUOTES is needed or if "esc" can just continue to be
used for that.

(Also, do we want to add the "hex escape" modifier back to snprintf's
%pE stuff?)

-Kees

> ---
>  fs/seq_file.c                  |  3 ++-
>  include/linux/string_helpers.h |  3 +--
>  lib/string_helpers.c           | 24 ++++--------------------
>  3 files changed, 7 insertions(+), 23 deletions(-)
> 
> diff --git a/fs/seq_file.c b/fs/seq_file.c
> index 63e5a7c4dbf7..0e45a25523ad 100644
> --- a/fs/seq_file.c
> +++ b/fs/seq_file.c
> @@ -390,7 +390,8 @@ void seq_escape_mem_ascii(struct seq_file *m, const char *src, size_t isz)
>  	size_t size = seq_get_buf(m, &buf);
>  	int ret;
>  
> -	ret = string_escape_mem_ascii(src, isz, buf, size);
> +	ret = string_escape_mem(src, isz, buf, size, ESCAPE_NP|ESCAPE_NONASCII|
> +				ESCAPE_STYLE_SLASH|ESCAPE_STYLE_HEX, "\"\\");
>  	seq_commit(m, ret < size ? ret : -1);
>  }
>  EXPORT_SYMBOL(seq_escape_mem_ascii);
> diff --git a/include/linux/string_helpers.h b/include/linux/string_helpers.h
> index 5d350f7f6874..f3388591d83f 100644
> --- a/include/linux/string_helpers.h
> +++ b/include/linux/string_helpers.h
> @@ -43,6 +43,7 @@ static inline int string_unescape_any_inplace(char *buf)
>  
>  #define ESCAPE_SPECIAL		0x01
>  #define ESCAPE_NP		0x02
> +#define ESCAPE_NONASCII		0x04
>  #define ESCAPE_ANY_NP		(ESCAPE_SPECIAL | ESCAPE_NP)
>  #define ESCAPE_STYLE_SLASH	0x20
>  #define ESCAPE_STYLE_OCTAL	0x40
> @@ -52,8 +53,6 @@ static inline int string_unescape_any_inplace(char *buf)
>  int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
>  		unsigned int flags, const char *only);
>  
> -int string_escape_mem_ascii(const char *src, size_t isz, char *dst,
> -					size_t osz);
>  static inline int string_escape_str(const char *src, char *dst, size_t sz,
>  		unsigned int flags, const char *only)
>  {
> diff --git a/lib/string_helpers.c b/lib/string_helpers.c
> index 6f553f893fda..1dacf76eada0 100644
> --- a/lib/string_helpers.c
> +++ b/lib/string_helpers.c
> @@ -439,6 +439,8 @@ static bool is_special(char c)
>   *		'\a' - alert (BEL)
>   *		'\e' - escape
>   *		'\0' - null
> + *	%ESCAPE_NONASCII:
> + *		escape characters with the high bit set
>   *	%ESCAPE_NP:
>   *		escape only non-printable characters (checked by isprint)
>   *	%ESCAPE_ANY_NP:
> @@ -468,7 +470,8 @@ int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
>  
>  		if ((is_dict && strchr(esc, c)) ||
>  		    (flags & ESCAPE_NP && !isprint(c)) ||
> -		    (flags & ESCAPE_SPECIAL && is_special(c))) {
> +		    (flags & ESCAPE_SPECIAL && is_special(c)) ||
> +		    (flags & ESCAPE_NONASCII && !isascii(c))) {
>  
>  			if (flags & ESCAPE_STYLE_SLASH &&
>  					escape_special(c, &p, end))
> @@ -491,25 +494,6 @@ int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
>  }
>  EXPORT_SYMBOL(string_escape_mem);
>  
> -int string_escape_mem_ascii(const char *src, size_t isz, char *dst,
> -					size_t osz)
> -{
> -	char *p = dst;
> -	char *end = p + osz;
> -
> -	while (isz--) {
> -		unsigned char c = *src++;
> -
> -		if (!isprint(c) || !isascii(c) || c == '"' || c == '\\')
> -			escape_hex(c, &p, end);
> -		else
> -			escape_passthrough(c, &p, end);
> -	}
> -
> -	return p - dst;
> -}
> -EXPORT_SYMBOL(string_escape_mem_ascii);
> -
>  /*
>   * Return an allocated string that has been escaped of special characters
>   * and double quotes, making it safe to log in quotes.
> -- 
> 2.21.0
> 

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ