| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YwaFRvWw5hi/uWYs@shikoro>
Date: Wed, 24 Aug 2022 22:08:38 +0200
From: Wolfram Sang <wsa+renesas@...g-engineering.com>
To: Andrew Price <anprice@...hat.com>
Cc: cluster-devel@...hat.com, linux-kernel@...r.kernel.org,
Andreas Gruenbacher <agruenba@...hat.com>,
Bob Peterson <rpeterso@...hat.com>
Subject: Re: [Cluster-devel] [PATCH] gfs2: move from strlcpy with unused
retval to strscpy
Hi Andy.
> > - strlcpy(sdp->sd_proto_name, proto, GFS2_FSNAME_LEN);
> > - strlcpy(sdp->sd_table_name, table, GFS2_FSNAME_LEN);
> > + strscpy(sdp->sd_proto_name, proto, GFS2_FSNAME_LEN);
> > + strscpy(sdp->sd_table_name, table, GFS2_FSNAME_LEN);
>
> Perhaps the size should be changed to GFS2_LOCKNAME_LEN to match the size of
> the destination, too.
>
> With that addition, this patch fixes this syzkaller report:
>
> https://listman.redhat.com/archives/cluster-devel/2022-August/022755.html
Linus wrote another summary about strlcpy vs. strscpy use[1]. So, the
size argument should be the size of the smaller buffer if the buffers
are of different size. GFS2_LOCKNAME_LEN is smaller, so that looks
suitable. Shall I resend the patch with the suggested change?
All the best,
Wolfram
[1] https://lore.kernel.org/lkml/CAHk-=wi+xbVq++uqW9YgWpHjyBHNB8a-xad+Xp23-B+eodLCEA@mail.gmail.com/
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists