lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 3 Apr 2024 17:24:25 -0700
From: Justin Stitt <justinstitt@...gle.com>
To: Phillip Lougher <phillip@...ashfs.org.uk>
Cc: akpm@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Squashfs: remove deprecated strncpy by not copying the string

On Wed, Apr 3, 2024 at 11:34 AM Phillip Lougher <phillip@...ashfs.org.uk> wrote:
>
> Squashfs copied the passed string (name) into a temporary buffer
> to ensure it was NUL-terminated.  This however is completely
> unnecessary as the string is already NUL-terminated.  So remove
> the deprecated strncpy() by completely removing the string copy.
>
> The background behind this unnecessary string copy is that it
> dates back to the days when Squashfs was an out of kernel patch.
> The code deliberately did not assume the string was NUL-terminated
> in case in future this changed (due to kernel changes).  This
> would mean the out of tree patches would be broken but still
> compile OK.
>
> Signed-off-by: Phillip Lougher <phillip@...ashfs.org.uk>

Reviewed-by: Justin Stitt <justinstitt@...gle.com>

> ---
>  fs/squashfs/namei.c | 14 ++++----------
>  1 file changed, 4 insertions(+), 10 deletions(-)
>
> diff --git a/fs/squashfs/namei.c b/fs/squashfs/namei.c
> index 11e4539b9eae..65aae7e2a859 100644
> --- a/fs/squashfs/namei.c
> +++ b/fs/squashfs/namei.c
> @@ -62,27 +62,21 @@
>   */
>  static int get_dir_index_using_name(struct super_block *sb,
>                         u64 *next_block, int *next_offset, u64 index_start,
> -                       int index_offset, int i_count, const char *name,
> -                       int len)
> +                       int index_offset, int i_count, const char *name)
>  {
>         struct squashfs_sb_info *msblk = sb->s_fs_info;
>         int i, length = 0, err;
>         unsigned int size;
>         struct squashfs_dir_index *index;
> -       char *str;
>
>         TRACE("Entered get_dir_index_using_name, i_count %d\n", i_count);
>
> -       index = kmalloc(sizeof(*index) + SQUASHFS_NAME_LEN * 2 + 2, GFP_KERNEL);
> +       index = kmalloc(sizeof(*index) + SQUASHFS_NAME_LEN + 1, GFP_KERNEL);
>         if (index == NULL) {
>                 ERROR("Failed to allocate squashfs_dir_index\n");
>                 goto out;
>         }
>
> -       str = &index->name[SQUASHFS_NAME_LEN + 1];
> -       strncpy(str, name, len);
> -       str[len] = '\0';
> -
>         for (i = 0; i < i_count; i++) {
>                 err = squashfs_read_metadata(sb, index, &index_start,
>                                         &index_offset, sizeof(*index));
> @@ -101,7 +95,7 @@ static int get_dir_index_using_name(struct super_block *sb,
>
>                 index->name[size] = '\0';
>
> -               if (strcmp(index->name, str) > 0)
> +               if (strcmp(index->name, name) > 0)
>                         break;
>
>                 length = le32_to_cpu(index->index);
> @@ -153,7 +147,7 @@ static struct dentry *squashfs_lookup(struct inode *dir, struct dentry *dentry,
>         length = get_dir_index_using_name(dir->i_sb, &block, &offset,
>                                 squashfs_i(dir)->dir_idx_start,
>                                 squashfs_i(dir)->dir_idx_offset,
> -                               squashfs_i(dir)->dir_idx_cnt, name, len);
> +                               squashfs_i(dir)->dir_idx_cnt, name);
>
>         while (length < i_size_read(dir)) {
>                 /*
> --
> 2.39.2
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ