lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAD=FV=Wx_Tr6r4Yo1EZ9nKM_yCc0KgAaZcqPXmw1Jr8+TN23wg@mail.gmail.com>
Date:   Mon, 27 Jun 2022 16:18:36 -0700
From:   Doug Anderson <dianders@...omium.org>
To:     Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>
Cc:     Andy Gross <agross@...nel.org>,
        Bjorn Andersson <bjorn.andersson@...aro.org>,
        linux-arm-msm <linux-arm-msm@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Stephen Boyd <sboyd@...nel.org>
Subject: Re: [PATCH v2 1/2] soc: qcom: cmd-db: replace strncpy() with strscpy_pad()

Hi,

On Mon, Jun 27, 2022 at 4:06 PM Doug Anderson <dianders@...omium.org> wrote:
>
> Hi,
>
> On Thu, May 19, 2022 at 12:33 AM Krzysztof Kozlowski
> <krzysztof.kozlowski@...aro.org> wrote:
> >
> > The use of strncpy() is considered deprecated for NUL-terminated
> > strings[1].  Replace strncpy() with strscpy_pad(), to keep existing
> > pad-behavior of strncpy.  This fixes W=1 warning:
> >
> >   drivers/soc/qcom/cmd-db.c: In function ‘cmd_db_get_header.part.0’:
> >   drivers/soc/qcom/cmd-db.c:151:9: warning: ‘strncpy’ specified bound 8 equals destination size [-Wstringop-truncation]
> >     151 |         strncpy(query, id, sizeof(query));
> >
> > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
> >
> > Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>
> > Reviewed-by: Stephen Boyd <sboyd@...nel.org>
> >
> > ---
> >
> > Changes since v1:
> > 1. Split series per subsystem.
> > 2. Add tag.
> > ---
> >  drivers/soc/qcom/cmd-db.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c
> > index dd872017f345..c5137c25d819 100644
> > --- a/drivers/soc/qcom/cmd-db.c
> > +++ b/drivers/soc/qcom/cmd-db.c
> > @@ -148,7 +148,7 @@ static int cmd_db_get_header(const char *id, const struct entry_header **eh,
> >                 return ret;
> >
> >         /* Pad out query string to same length as in DB */
> > -       strncpy(query, id, sizeof(query));
> > +       strscpy_pad(query, id, sizeof(query));
>
> Sorry to report that this breaks booting on
> sc7280-herobrine-herobrine-r1. I believe that the function was
> actually _relying_ on the "unsafe" behavior of strncpy(). Specifically
> I think:
> * The source string (id) was a '\0' terminated string.
> * The destination (query) was a fixed 8-byte string and doesn't need
> to be '\0' terminated.
>
> So before your change we could actually support 8-byte strings. Now we
> can't because you'll only copy 7 bytes to the destination to leave
> room for the '\0' termination...
>
> Looking at printouts, I see, for instance at least one ID that looks
> like "lnbclka2".
>
> Given the requirements of this function(), the old strncpy() is
> actually _exactly_ what we want. Is there any way to disable the
> warning? If not, I guess we could make "query" be 9 bytes bit, or
> "sizeof(ent->id) + 1" bytes big... Happy to post a patch, but it's
> basically a bikeshed for how you want it fixed (there are dozens of
> ways) and I'd rather you just tell me instead of me guessing.

Actually, I followed the link on the error message and found that the
right solution is probably '__nonstring' so I've posted that. If
someone wants the bikeshed a different color I can do it a different
way.

https://lore.kernel.org/r/20220627161642.1.Ie7b480cd99e2c13319220cbc108caf2bcd41286b@changeid

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ