| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Apr 2024 21:04:54 +0000 From: Justin Stitt <justinstitt@...gle.com> To: Arnd Bergmann <arnd@...nel.org> Cc: linux-kbuild@...r.kernel.org, Arnd Bergmann <arnd@...db.de>, Richard Russon <ldm@...tcap.org>, Jens Axboe <axboe@...nel.dk>, Robert Moore <robert.moore@...el.com>, "Rafael J. Wysocki" <rafael.j.wysocki@...el.com>, Len Brown <lenb@...nel.org>, Steven Rostedt <rostedt@...dmis.org>, Masami Hiramatsu <mhiramat@...nel.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Andrew Morton <akpm@...ux-foundation.org>, Masahiro Yamada <masahiroy@...nel.org>, Nathan Chancellor <nathan@...nel.org>, Nicolas Schier <nicolas@...sle.eu>, Lin Ming <ming.m.lin@...el.com>, Alexey Starikovskiy <astarikovskiy@...e.de>, linux-ntfs-dev@...ts.sourceforge.net, linux-block@...r.kernel.org, linux-kernel@...r.kernel.org, linux-acpi@...r.kernel.org, acpica-devel@...ts.linux.dev, linux-trace-kernel@...r.kernel.org Subject: Re: [PATCH 1/5] [v2] test_hexdump: avoid string truncation warning On Tue, Apr 09, 2024 at 04:00:54PM +0200, Arnd Bergmann wrote: > From: Arnd Bergmann <arnd@...db.de> > > gcc can warn when a string is too long to fit into the strncpy() > destination buffer, as it is here depending on the function > arguments: > > inlined from 'test_hexdump_prepare_test.constprop' at /home/arnd/arm-soc/lib/test_hexdump.c:116:3: > include/linux/fortify-string.h:108:33: error: '__builtin_strncpy' output truncated copying between 0 and 32 bytes from a string of length 32 [-Werror=stringop-truncation] > 108 | #define __underlying_strncpy __builtin_strncpy > | ^ > include/linux/fortify-string.h:187:16: note: in expansion of macro '__underlying_strncpy' > 187 | return __underlying_strncpy(p, q, size); > | ^~~~~~~~~~~~~~~~~~~~ > > The intention here is to copy exactly 'l' bytes without any padding or > NUL-termination, so the most logical change is to use memcpy(), just as > a previous change adapted the other output from strncpy() to memcpy(). > > Cc: Justin Stitt <justinstitt@...gle.com> > Signed-off-by: Arnd Bergmann <arnd@...db.de> This looks better than the previous strscpy() usage. Acked-by: Justin Stitt <justinstitt@...gle.com> > --- > --- > lib/test_hexdump.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/lib/test_hexdump.c b/lib/test_hexdump.c > index b916801f23a8..fe2682bb21e6 100644 > --- a/lib/test_hexdump.c > +++ b/lib/test_hexdump.c > @@ -113,7 +113,7 @@ static void __init test_hexdump_prepare_test(size_t len, int rowsize, > *p++ = ' '; > } while (p < test + rs * 2 + rs / gs + 1); > > - strncpy(p, data_a, l); > + memcpy(p, data_a, l); > p += l; > } > > -- > 2.39.2 >
Powered by blists - more mailing lists