lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 10 Oct 2022 09:10:26 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Rui Li' <me@...ui.org>, Alexei Starovoitov <ast@...nel.org>,
        "Daniel Borkmann" <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>,
        "Martin KaFai Lau" <martin.lau@...ux.dev>,
        Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>,
        Stanislav Fomichev <sdf@...gle.com>,
        Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
        "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] bpf: Replace strlcpy with strscpy in preload module

From: Rui Li
> Sent: 09 October 2022 14:03
> 
> Use strscpy instead of strlcpy as the former one checks the size
> of source. Especially for this case, source strings are less than
> dst size.

Not relevant.
The only problem with strlcpy() is the return value when the
the copy has to be truncated.
As well as wasting computrons it can fault if the source string
isn't actually terminated (which might be true for arbitrary pointers).
In this case the source strings are well formed and short.

While strscpy() might be a preferred function the reason above
is bogus.

	David

> 
> Signed-off-by: Rui Li <me@...ui.org>
> ---
>  kernel/bpf/preload/bpf_preload_kern.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/kernel/bpf/preload/bpf_preload_kern.c b/kernel/bpf/preload/bpf_preload_kern.c
> index 5106b5372f0c..af8dd3a7c928 100644
> --- a/kernel/bpf/preload/bpf_preload_kern.c
> +++ b/kernel/bpf/preload/bpf_preload_kern.c
> @@ -19,9 +19,9 @@ static void free_links_and_skel(void)
> 
>  static int preload(struct bpf_preload_info *obj)
>  {
> -	strlcpy(obj[0].link_name, "maps.debug", sizeof(obj[0].link_name));
> +	strscpy(obj[0].link_name, "maps.debug", sizeof(obj[0].link_name));
>  	obj[0].link = maps_link;
> -	strlcpy(obj[1].link_name, "progs.debug", sizeof(obj[1].link_name));
> +	strscpy(obj[1].link_name, "progs.debug", sizeof(obj[1].link_name));
>  	obj[1].link = progs_link;
>  	return 0;
>  }
> --
> 2.30.2
> 

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ