| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Nov 2021 14:58:04 +0300
From: Pavel Skripkin <paskripkin@...il.com>
To: Ajay Garg <ajaygargnsit@...il.com>
Cc: Andy Shevchenko <andy.shevchenko@...il.com>,
Greg KH <gregkh@...uxfoundation.org>, jirislaby@...nel.org,
kernel@...il.dk, David Laight <David.Laight@...lab.com>,
"linux-serial@...r.kernel.org" <linux-serial@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] tty: vt: keyboard: do not copy an extra-byte in
copy_to_user
On 11/8/21 11:59, Ajay Garg wrote:
> Dropping all further discussions on this thread, as a RFC for a new
> string-copy method has been posted at :
> https://lore.kernel.org/linux-hardening/CAHP4M8U=0aTHgfREGJpSboV6J4X+E3Y6+H_kb-PvXxDKtV=n-g@mail.gmail.com/T/#t
>
> which, if accepted, will make the clients' lives a lot easier.
>
Honestly, I can't get what you are trying to achieve with new string
function.
If caller knows, that there is no possible overflow, it can omit bounds
checking (like in vt_do_kdgkb_ioctl). If caller needs return value equal
to destination length it can use strscpy().
There is a bunch of str*cpy() functions and every month I see new
conversations between them on ML. As Andy said it's really chaos. These
conversation are needed, of course, from security point of view, but
lib/string is already big. It contains functions for every possible
scenario, caller just needs to pick right one.
I might be too dumb in this topic, so it's just my IMHO, since I am on
CC list.
With regards,
Pavel Skripkin
Powered by blists - more mailing lists