lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Y7QtusGlIX3AU+TN@alley>
Date:   Tue, 3 Jan 2023 14:29:30 +0100
From:   Petr Mladek <pmladek@...e.com>
To:     John Ogness <john.ogness@...utronix.de>
Cc:     Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH printk v3 6/6] printk: introduce
 console_prepend_dropped() for dropped messages

On Tue 2023-01-03 11:26:23, John Ogness wrote:
> On 2023-01-02, Petr Mladek <pmladek@...e.com> wrote:
> >> +static void console_prepend_dropped(struct console_message *cmsg, unsigned long dropped)
> >> +{
> >> +	struct console_buffers *cbufs = cmsg->cbufs;
> >> +	const size_t scratchbuf_sz = sizeof(cbufs->scratchbuf);
> >> +	const size_t outbuf_sz = sizeof(cbufs->outbuf);
> >> +	char *scratchbuf = &cbufs->scratchbuf[0];
> >> +	char *outbuf = &cbufs->outbuf[0];
> >> +	size_t len;
> >> +
> >> +	len = snprintf(scratchbuf, scratchbuf_sz,
> >> +		       "** %lu printk messages dropped **\n", dropped);
> >> +
> >> +	/*
> >> +	 * Make sure outbuf is sufficiently large before prepending. Space
> >> +	 * for a terminator is also counted in case truncation occurs.
> >> +	 */
> >> +	if (WARN_ON_ONCE(len + 1 >= outbuf_sz))
> >> +		return;
> >
> > Strictly speaking, this should be:
> >
> > 	if (WARN_ON_ONCE(len >= outbuf_sz))
> > 		return;
> >
> > The trailing '\0' will fit into the buffer when len < outbuf_sz.
> 
> You are correct.
> 
> My concern was that if "@len = @outbuf_sz - 1", the entire message will
> be truncated and you will only see the dropped messages text. I wanted
> at least 1 character from the message to survive. ;-)

I see.

> How about the commments:
> 
> 	/*
> 	 * Make sure outbuf is sufficiently large before prepending. Space
> 	 * for a terminator and at least 1 byte of the message is also
> 	 * checked in case truncation is needed.
> 	 */

It is better than the original.

Well, what about making sure that something more useful is always
printed. For example:

	/*
	 * Make sure outbuf is sufficiently large before prepending.
	 * Keep at least the prefix when the message has to be truncated.
	 * It is a rather theoretical problem when someone tries to
	 * use a minimalist buffer.
	 */
	if (WARN_ON_ONCE(len + PREFIX_MAX + 1 >= outbuf_sz))
		return;

If we want to use this way. It would probably make sense to
rename PREFIX_MAX to CONSOLE_PREFIX_MAX.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ