| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMpxmJWQsgV5WZrdPW3UUOVTEy1L6Y_rb7ThQK1QTRinmHSqWA@mail.gmail.com>
Date: Mon, 7 Sep 2020 12:02:52 +0200
From: Bartosz Golaszewski <bgolaszewski@...libre.com>
To: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc: Bartosz Golaszewski <brgl@...ev.pl>,
Linus Walleij <linus.walleij@...aro.org>,
Jonathan Corbet <corbet@....net>,
Mika Westerberg <mika.westerberg@...ux.intel.com>,
Kent Gibson <warthog618@...il.com>,
linux-gpio <linux-gpio@...r.kernel.org>,
linux-doc <linux-doc@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>, linux-acpi@...r.kernel.org
Subject: Re: [PATCH 03/23] lib: uaccess: provide getline_from_user()
On Fri, Sep 4, 2020 at 6:35 PM Andy Shevchenko
<andriy.shevchenko@...ux.intel.com> wrote:
>
> On Fri, Sep 04, 2020 at 05:45:27PM +0200, Bartosz Golaszewski wrote:
> > From: Bartosz Golaszewski <bgolaszewski@...libre.com>
> >
> > Provide a uaccess helper that allows callers to copy a single line from
> > user memory. This is useful for debugfs write callbacks.
>
> Doesn't mm/util.c provides us something like this?
> strndup_user()?
>
Yes, there's both strndup_user() as well as strncpy_from_user(). The
problem is that they rely on the strings being NULL-terminated. This
is not guaranteed for debugfs file_operations write callbacks. We need
some helper that takes the minimum of bytes provided by userspace and
the buffer size and figure out how many bytes to actually copy IMO.
Bart
Powered by blists - more mailing lists