lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20240730151716.2511975-1-arnd@kernel.org>
Date: Tue, 30 Jul 2024 17:16:26 +0200
From: Arnd Bergmann <arnd@...nel.org>
To: Chandan Babu R <chandan.babu@...cle.com>,
	"Darrick J. Wong" <djwong@...nel.org>
Cc: Arnd Bergmann <arnd@...db.de>,
	kernel test robot <lkp@...el.com>,
	Dave Chinner <dchinner@...hat.com>,
	Kent Overstreet <kent.overstreet@...ux.dev>,
	linux-xfs@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [PATCH] xfs: trace: replace strncpy() with strscpy()

From: Arnd Bergmann <arnd@...db.de>

I got a warning about an strncpy() with possibly missing NUL-termination:

In file included from include/trace/define_trace.h:102,
                 from fs/xfs/scrub/trace.h:3584,
                 from fs/xfs/scrub/trace.c:58:
fs/xfs/./scrub/trace.h: In function 'trace_event_raw_event_xfile_create':
fs/xfs/./scrub/trace.h:973:3: error: 'strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation]

Use strscpy() to auto-size the output, and zero-pad the string
as before.

Reported-by: kernel test robot <lkp@...el.com>
Fixes: 3934e8ebb7cc ("xfs: create a big array data structure")
Closes: https://lore.kernel.org/oe-kbuild-all/202403290419.HPcyvqZu-lkp@intel.com/
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
I'm not entirely sure about whether to pad or not, as about half of the
ftrace macros with strscpy() pad and the other half don't. We probably
want them all to do the same thing here.

If there is a chance of leaking kernel stack data to userspace here,
we need to pad the string, otherwise not.
---
 fs/xfs/scrub/trace.h | 2 +-
 fs/xfs/xfs_trace.h   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/xfs/scrub/trace.h b/fs/xfs/scrub/trace.h
index 92ef4cdc486e..6f7fa24e1273 100644
--- a/fs/xfs/scrub/trace.h
+++ b/fs/xfs/scrub/trace.h
@@ -970,7 +970,7 @@ TRACE_EVENT(xfile_create,
 		path = file_path(xf->file, pathname, sizeof(pathname) - 1);
 		if (IS_ERR(path))
 			path = "(unknown)";
-		strncpy(__entry->pathname, path, sizeof(__entry->pathname));
+		strscpy_pad(__entry->pathname, path);
 	),
 	TP_printk("xfino 0x%lx path '%s'",
 		  __entry->ino,
diff --git a/fs/xfs/xfs_trace.h b/fs/xfs/xfs_trace.h
index 5646d300b286..79d159fab2e6 100644
--- a/fs/xfs/xfs_trace.h
+++ b/fs/xfs/xfs_trace.h
@@ -4728,7 +4728,7 @@ TRACE_EVENT(xmbuf_create,
 		path = file_path(file, pathname, sizeof(pathname) - 1);
 		if (IS_ERR(path))
 			path = "(unknown)";
-		strncpy(__entry->pathname, path, sizeof(__entry->pathname));
+		strscpy_pad(__entry->pathname, path);
 	),
 	TP_printk("dev %d:%d xmino 0x%lx path '%s'",
 		  MAJOR(__entry->dev), MINOR(__entry->dev),
-- 
2.39.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ