| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a5vkpjykxex64vti4wvx7h64jthw7inc23uelol5s3beezoiuz@scl2uhf6pkl7>
Date: Thu, 28 Mar 2024 23:24:56 +0000
From: Justin Stitt <justinstitt@...gle.com>
To: Arnd Bergmann <arnd@...nel.org>
Cc: linux-kernel@...r.kernel.org,
"Richard Russon (FlatCap)" <ldm@...tcap.org>, Jens Axboe <axboe@...nel.dk>, Arnd Bergmann <arnd@...db.de>,
linux-ntfs-dev@...ts.sourceforge.net, linux-block@...r.kernel.org
Subject: Re: [PATCH 07/11] block/partitions/ldm: convert strncpy() to
strscpy()
Hi,
On Thu, Mar 28, 2024 at 03:04:51PM +0100, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@...db.de>
>
> The strncpy() here can cause a non-terminated string, which older gcc
> versions such as gcc-9 warn about:
>
> In function 'ldm_parse_tocblock',
> inlined from 'ldm_validate_tocblocks' at block/partitions/ldm.c:386:7,
> inlined from 'ldm_partition' at block/partitions/ldm.c:1457:7:
> block/partitions/ldm.c:134:2: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
> 134 | strncpy (toc->bitmap1_name, data + 0x24, sizeof (toc->bitmap1_name));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> block/partitions/ldm.c:145:2: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
> 145 | strncpy (toc->bitmap2_name, data + 0x46, sizeof (toc->bitmap2_name));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> New versions notice that the code is correct after all because of the
> following termination, but replacing the strncpy() with strscpy_pad()
> or strcpy() avoids the warning and simplifies the code at the same time.
>
> Use the padding version here to keep the existing behavior, in case
> the code relies on not including uninitialized data.
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Thanks for the patch!
This helps towards: https://github.com/KSPP/linux/issues/90
Reviewed-by: Justin Stitt <justinstitt@...gle.com>
> ---
> block/partitions/ldm.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/block/partitions/ldm.c b/block/partitions/ldm.c
> index 38e58960ae03..2bd42fedb907 100644
> --- a/block/partitions/ldm.c
> +++ b/block/partitions/ldm.c
> @@ -131,8 +131,7 @@ static bool ldm_parse_tocblock (const u8 *data, struct tocblock *toc)
> ldm_crit ("Cannot find TOCBLOCK, database may be corrupt.");
> return false;
> }
> - strncpy (toc->bitmap1_name, data + 0x24, sizeof (toc->bitmap1_name));
> - toc->bitmap1_name[sizeof (toc->bitmap1_name) - 1] = 0;
> + strscpy_pad(toc->bitmap1_name, data + 0x24, sizeof(toc->bitmap1_name));
> toc->bitmap1_start = get_unaligned_be64(data + 0x2E);
> toc->bitmap1_size = get_unaligned_be64(data + 0x36);
>
> @@ -142,8 +141,7 @@ static bool ldm_parse_tocblock (const u8 *data, struct tocblock *toc)
> TOC_BITMAP1, toc->bitmap1_name);
> return false;
> }
> - strncpy (toc->bitmap2_name, data + 0x46, sizeof (toc->bitmap2_name));
> - toc->bitmap2_name[sizeof (toc->bitmap2_name) - 1] = 0;
> + strscpy_pad(toc->bitmap2_name, data + 0x46, sizeof(toc->bitmap2_name));
> toc->bitmap2_start = get_unaligned_be64(data + 0x50);
> toc->bitmap2_size = get_unaligned_be64(data + 0x58);
> if (strncmp (toc->bitmap2_name, TOC_BITMAP2,
> --
> 2.39.2
>
Thanks
Justin
Powered by blists - more mailing lists