lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZVoB4b2/X3jCPOdG@li-008a6a4c-3549-11b2-a85c-c5cc2836eea2.ibm.com>
Date:   Sun, 19 Nov 2023 13:38:57 +0100
From:   Alexander Gordeev <agordeev@...ux.ibm.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Steffen Maier <maier@...ux.ibm.com>,
        Benjamin Block <bblock@...ux.ibm.com>,
        Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ux.ibm.com>,
        Sven Schnelle <svens@...ux.ibm.com>,
        Azeem Shaikh <azeemshaikh38@...il.com>,
        linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH] scsi: zfcp: Replace strlcpy() with strscpy()

On Fri, Nov 17, 2023 at 07:19:48PM +0100, Alexander Gordeev wrote:
> > @@ -900,8 +900,15 @@ static void zfcp_fc_rspn(struct zfcp_adapter *adapter,
> >  	zfcp_fc_ct_ns_init(&rspn_req->ct_hdr, FC_NS_RSPN_ID,
> >  			   FC_SYMBOLIC_NAME_SIZE);
> >  	hton24(rspn_req->rspn.fr_fid.fp_fid, fc_host_port_id(shost));
> > -	len = strlcpy(rspn_req->rspn.fr_name, fc_host_symbolic_name(shost),
> > -		      FC_SYMBOLIC_NAME_SIZE);
> > +	len = strscpy(rspn_req->name, fc_host_symbolic_name(shost),
> > +		      sizeof(rspn_req->name));
> 
> Could you please explain why do you copy to rspn_req->name instead
> of rspn_req->rspn.fr_name?

Please, ignore this (stupid Friday evening) quesiton.

Although the use of sizeof() is right thing, FC_SYMBOLIC_NAME_SIZE
is so ubiquotous in this source that it probably makes sense to
address in a separate cleanup.

@Steffen, @Benjamin, could you please comment in this and below?

> > +	/*
> > +	 * It should be impossible for this to truncate, as
> > +	 * sizeof(rspn_req->name) is equal to max size of
> > +	 * fc_host_symbolic_name(shost), but check anyway.
> > +	 */
> > +	if (len < 0)
> > +		len = sizeof(rspn_req->name) - 1;

Not sure if this check is really needed. It could have been done
for strlcpy() also, but as you say - should not ever happen.

> >  	rspn_req->rspn.fr_name_len = len;
> >  
> >  	sg_init_one(&fc_req->sg_req, rspn_req, sizeof(*rspn_req));

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ