lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 8 Jan 2023 22:52:29 -0500
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Quanfa Fu <quanfafu@...il.com>
Cc:     mhiramat@...nel.org, linux-kernel@...r.kernel.org,
        linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCH v2] tracing/eprobe: Replace snprintf with memcpy

On Mon,  9 Jan 2023 11:32:13 +0800
Quanfa Fu <quanfafu@...il.com> wrote:

> @@ -923,17 +923,17 @@ static int trace_eprobe_parse_filter(struct trace_eprobe *ep, int argc, const ch
>  
>  	p = ep->filter_str;
>  	for (i = 0; i < argc; i++) {
> -		ret = snprintf(p, len, "%s ", argv[i]);
> -		if (ret < 0)
> -			goto error;
> -		if (ret > len) {
> -			ret = -E2BIG;
> -			goto error;
> -		}
> -		p += ret;
> -		len -= ret;
> +		arg_len = strlen(argv[i]);
> +		memcpy((void *)p, argv[i], arg_len);
> +
> +		if (i == argc - 1)
> +			p[arg_len] = '\0';
> +		else
> +			p[arg_len] = ' ';
> +
> +		p += arg_len + 1;
> +		len -= arg_len + 1;
>  	}

The above is too complex. I mentioned strncat() but you could still
just keep snprintf() too, which adds the '\0';

	for (i = 0; i < argc; i++) {
		if (i)
			ret = snprintf(p, len, " %s", argv[i]);
		else
			ret = snprintf(p, len, "%s", argv[i]);
		p += ret;
		len -= ret;
	}

-- Steve

> -	p[-1] = '\0';
>  
>  	/*
>  	 * Ensure the filter string can be parsed correctly. Note, this

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ