| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 18 Feb 2024 16:51:04 -0300
From: Rodrigo Campos <rodrigo@...g.com.ar>
To: Willy Tarreau <w@....eu>,
Thomas Weißschuh <linux@...ssschuh.net>
Cc: linux-kernel@...r.kernel.org,
Rodrigo Campos <rodrigo@...g.com.ar>
Subject: [PATCH v3 2/4] tools/nolibc: Fix strlcat() return code and size usage
The return code should always be strlen(src) + strnlen(dst, size).
Let's make sure to copy at most size-1 bytes from src and null-terminate
the dst buffer if we did copied something.
While we can use strnlen() and strncpy() to implement strlcat(), this is
simple enough and results in shorter code when compiled.
Signed-off-by: Rodrigo Campos <rodrigo@...g.com.ar>
---
tools/include/nolibc/string.h | 27 ++++++++++++++++++---------
1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/tools/include/nolibc/string.h b/tools/include/nolibc/string.h
index ed15c22b1b2a..cc51fd6b63d0 100644
--- a/tools/include/nolibc/string.h
+++ b/tools/include/nolibc/string.h
@@ -187,22 +187,31 @@ char *strndup(const char *str, size_t maxlen)
static __attribute__((unused))
size_t strlcat(char *dst, const char *src, size_t size)
{
- size_t len;
- char c;
+ size_t len = 0;
- for (len = 0; dst[len]; len++)
- ;
+ for (; len < size; len++) {
+ if (dst[len] == '\0')
+ break;
+ }
- for (;;) {
- c = *src;
- if (len < size)
- dst[len] = c;
- if (!c)
+ /*
+ * We want len < size-1. But as size is unsigned and can wrap
+ * around, we use len + 1 instead.
+ */
+ while (len + 1 < size) {
+ dst[len] = *src;
+ if (*src == '\0')
break;
len++;
src++;
}
+ if (len < size)
+ dst[len] = '\0';
+
+ while (*src++)
+ len++;
+
return len;
}
--
2.43.0
Powered by blists - more mailing lists