lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHp75Vf_JVJwc7t7mMACRB9xhBgNODz-474tiK77bQ-t_X_BiQ@mail.gmail.com>
Date:   Tue, 15 Sep 2020 13:11:40 +0300
From:   Andy Shevchenko <andy.shevchenko@...il.com>
To:     Kent Gibson <warthog618@...il.com>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "open list:GPIO SUBSYSTEM" <linux-gpio@...r.kernel.org>,
        Bartosz Golaszewski <bgolaszewski@...libre.com>,
        Linus Walleij <linus.walleij@...aro.org>,
        kernel test robot <lkp@...el.com>
Subject: Re: [PATCH v8 02/20] gpiolib: cdev: replace strncpy with strscpy

On Wed, Sep 9, 2020 at 1:34 PM Kent Gibson <warthog618@...il.com> wrote:
>
> Replace usage of strncpy with strscpy to remove -Wstringop-truncation

strnspy() with strscpy()

> warnings.
>
> The structs being populated are zeroed, to prevent stack leakage as

structures

> they are returned to userspace, so strscpy performs the equivalent

strscpy()

> function without the warnings.

Isn't this what I commented on like half a year ago and back then
reply was something that there is no warnings or so?

Reviewed-by: Andy Shevchenko <andy.shevchenko@...il.com>

> Reported-by: kernel test robot <lkp@...el.com>
> Signed-off-by: Kent Gibson <warthog618@...il.com>
> ---
>
> The memset in gpio_desc_to_lineinfo(), in conjunction with the strscpy,
> is necessary as strncpy zero pads the remainder of the destination.
> It also guarantees that the info cannot leak kernel stack to userspace.
> This is useful here, but is even more important for the v2 info, that
> this function is changed to generate in a subsequent patch, as that
> struct contains padding and attribute arrays that also need to be
> initialised.
>
>  drivers/gpio/gpiolib-cdev.c | 23 +++++++----------------
>  1 file changed, 7 insertions(+), 16 deletions(-)
>
> diff --git a/drivers/gpio/gpiolib-cdev.c b/drivers/gpio/gpiolib-cdev.c
> index e95e3eab9867..8b012879fe3f 100644
> --- a/drivers/gpio/gpiolib-cdev.c
> +++ b/drivers/gpio/gpiolib-cdev.c
> @@ -752,6 +752,7 @@ static void gpio_desc_to_lineinfo(struct gpio_desc *desc,
>         bool ok_for_pinctrl;
>         unsigned long flags;
>
> +       memset(info, 0, sizeof(*info));
>         info->line_offset = gpio_chip_hwgpio(desc);
>         /*
>          * This function takes a mutex so we must check this before taking
> @@ -765,19 +766,11 @@ static void gpio_desc_to_lineinfo(struct gpio_desc *desc,
>
>         spin_lock_irqsave(&gpio_lock, flags);
>
> -       if (desc->name) {
> -               strncpy(info->name, desc->name, sizeof(info->name));
> -               info->name[sizeof(info->name) - 1] = '\0';
> -       } else {
> -               info->name[0] = '\0';
> -       }
> +       if (desc->name)
> +               strscpy(info->name, desc->name, sizeof(info->name));
>
> -       if (desc->label) {
> -               strncpy(info->consumer, desc->label, sizeof(info->consumer));
> -               info->consumer[sizeof(info->consumer) - 1] = '\0';
> -       } else {
> -               info->consumer[0] = '\0';
> -       }
> +       if (desc->label)
> +               strscpy(info->consumer, desc->label, sizeof(info->consumer));
>
>         /*
>          * Userspace only need to know that the kernel is using this GPIO so
> @@ -841,12 +834,10 @@ static long gpio_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
>
>                 memset(&chipinfo, 0, sizeof(chipinfo));
>
> -               strncpy(chipinfo.name, dev_name(&gdev->dev),
> +               strscpy(chipinfo.name, dev_name(&gdev->dev),
>                         sizeof(chipinfo.name));
> -               chipinfo.name[sizeof(chipinfo.name)-1] = '\0';
> -               strncpy(chipinfo.label, gdev->label,
> +               strscpy(chipinfo.label, gdev->label,
>                         sizeof(chipinfo.label));
> -               chipinfo.label[sizeof(chipinfo.label)-1] = '\0';
>                 chipinfo.lines = gdev->ngpio;
>                 if (copy_to_user(ip, &chipinfo, sizeof(chipinfo)))
>                         return -EFAULT;
> --
> 2.28.0
>


-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ