| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAFhGd8oHht+uMBouT7_AXZt4DMRJi=A7_=fyhZ2Hf_ne+8xE8w@mail.gmail.com>
Date: Thu, 28 Mar 2024 16:01:23 -0700
From: Justin Stitt <justinstitt@...gle.com>
To: Arnd Bergmann <arnd@...nel.org>
Cc: linux-kernel@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Nathan Chancellor <nathan@...nel.org>,
Arnd Bergmann <arnd@...db.de>, Nick Desaulniers <ndesaulniers@...gle.com>,
Bill Wendling <morbo@...gle.com>, Franziska Naepelt <franziska.naepelt@...glemail.com>,
Johannes Berg <johannes.berg@...el.com>, Yang Yingliang <yangyingliang@...wei.com>,
Erick Archer <erick.archer@....com>, linux-staging@...ts.linux.dev, llvm@...ts.linux.dev
Subject: Re: [PATCH 09/11] staging: rtl8723bs: convert strncpy to strscpy
Hi,
On Thu, Mar 28, 2024 at 7:07 AM Arnd Bergmann <arnd@...nel.org> wrote:
>
> From: Arnd Bergmann <arnd@...db.de>
>
> gcc-9 complains about a possibly unterminated string in the strncpy() destination:
>
> In function 'rtw_cfg80211_add_monitor_if',
> inlined from 'cfg80211_rtw_add_virtual_intf' at drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c:2209:9:
> drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c:2146:2: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
> 2146 | strncpy(mon_ndev->name, name, IFNAMSIZ);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> This one is a false-positive because of the explicit termination in the following
> line, and recent versions of clang and gcc no longer warn about this.
>
> Interestingly, the other strncpy() in this file is missing a termination but
> does not produce a warning, possibly because of the type confusion and the
> cast between u8 and char.
>
> Change both strncpy() instances to strscpy(), which avoids the warning as well
> as the possibly missing termination. No additional padding is needed here.
Could you also clean up the strncpy present in
drivers/staging/rtl8723bs/os_dep/os_intfs.c so all these are cleaned
up at once?
Maybe we could use the new 2-argument version of strscpy() introduced
in Commit e6584c3964f2f ("string: Allow 2-argument strscpy()") for all
3 of these too.
It looks like:
strscpy(dest, src);
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c b/drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c
> index 65a450fcdce7..98bc5520e77d 100644
> --- a/drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c
> +++ b/drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c
> @@ -884,7 +884,7 @@ static int cfg80211_rtw_add_key(struct wiphy *wiphy, struct net_device *ndev,
> goto addkey_end;
> }
>
> - strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> + strscpy(param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
>
> if (!mac_addr || is_broadcast_ether_addr(mac_addr))
> param->u.crypt.set_tx = 0; /* for wpa/wpa2 group key */
> @@ -2143,8 +2143,7 @@ static int rtw_cfg80211_add_monitor_if(struct adapter *padapter, char *name, str
> }
>
> mon_ndev->type = ARPHRD_IEEE80211_RADIOTAP;
> - strncpy(mon_ndev->name, name, IFNAMSIZ);
> - mon_ndev->name[IFNAMSIZ - 1] = 0;
> + strscpy(mon_ndev->name, name, IFNAMSIZ);
> mon_ndev->needs_free_netdev = true;
> mon_ndev->priv_destructor = rtw_ndev_destructor;
>
> --
> 2.39.2
>
Thanks
Justin
Powered by blists - more mailing lists