| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6e1b72fa-900b-45b8-8b89-37cd84cad779@gmail.com>
Date: Sun, 27 Jul 2025 22:00:46 +0300
From: Eslam Khafagy <eslam.medhat1993@...il.com>
Cc: skhan@...uxfoundation.com, Philipp Reisner <philipp.reisner@...bit.com>,
Lars Ellenberg <lars.ellenberg@...bit.com>,
Christoph Böhmwalder <christoph.boehmwalder@...bit.com>,
Jens Axboe <axboe@...nel.dk>, drbd-dev@...ts.linbit.com,
linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] DRBD: replace strcpy with strscpy
Hi,
kind reminder about this patch change.
I appreciate your time reviewing this.
Regards,
Eslam Khafagy
On 7/5/25 20:32, Eslam Khafagy wrote:
> strcpy is deprecated due to lack of bounds checking. This patch replaces
> strcpy with strscpy, the recommended alternative for null terminated
> strings, to follow best practices.
>
> I had to do a small refactor for __drbd_send_protocol since it uses
> strlen anyways. so why not use that for strscpy.
>
> V2:
> - I forgot about null termination so i fixed it.
>
> Signed-off-by: Eslam Khafagy <eslam.medhat1993@...il.com>
> ---
> drivers/block/drbd/drbd_main.c | 17 +++++++++--------
> drivers/block/drbd/drbd_receiver.c | 4 ++--
> 2 files changed, 11 insertions(+), 10 deletions(-)
>
> diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c
> index 52724b79be30..028a5cf41d7f 100644
> --- a/drivers/block/drbd/drbd_main.c
> +++ b/drivers/block/drbd/drbd_main.c
> @@ -742,9 +742,9 @@ int drbd_send_sync_param(struct drbd_peer_device *peer_device)
> }
>
> if (apv >= 88)
> - strcpy(p->verify_alg, nc->verify_alg);
> + strscpy(p->verify_alg, nc->verify_alg);
> if (apv >= 89)
> - strcpy(p->csums_alg, nc->csums_alg);
> + strscpy(p->csums_alg, nc->csums_alg);
> rcu_read_unlock();
>
> return drbd_send_command(peer_device, sock, cmd, size, NULL, 0);
> @@ -771,10 +771,6 @@ int __drbd_send_protocol(struct drbd_connection *connection, enum drbd_packet cm
> return -EOPNOTSUPP;
> }
>
> - size = sizeof(*p);
> - if (connection->agreed_pro_version >= 87)
> - size += strlen(nc->integrity_alg) + 1;
> -
> p->protocol = cpu_to_be32(nc->wire_protocol);
> p->after_sb_0p = cpu_to_be32(nc->after_sb_0p);
> p->after_sb_1p = cpu_to_be32(nc->after_sb_1p);
> @@ -787,8 +783,13 @@ int __drbd_send_protocol(struct drbd_connection *connection, enum drbd_packet cm
> cf |= CF_DRY_RUN;
> p->conn_flags = cpu_to_be32(cf);
>
> - if (connection->agreed_pro_version >= 87)
> - strcpy(p->integrity_alg, nc->integrity_alg);
> + size = sizeof(*p);
> + if (connection->agreed_pro_version >= 87) {
> + int integrity_len = strlen(nc->integrity_alg) + 1;
> + size += integrity_len;
> + strscpy(p->integrity_alg, nc->integrity_alg, integrity_len);
> + }
> +
> rcu_read_unlock();
>
> return __conn_send_command(connection, sock, cmd, size, NULL, 0);
> diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> index e5a2e5f7887b..9c2d439f26e8 100644
> --- a/drivers/block/drbd/drbd_receiver.c
> +++ b/drivers/block/drbd/drbd_receiver.c
> @@ -3985,14 +3985,14 @@ static int receive_SyncParam(struct drbd_connection *connection, struct packet_i
> *new_net_conf = *old_net_conf;
>
> if (verify_tfm) {
> - strcpy(new_net_conf->verify_alg, p->verify_alg);
> + strscpy(new_net_conf->verify_alg, p->verify_alg);
> new_net_conf->verify_alg_len = strlen(p->verify_alg) + 1;
> crypto_free_shash(peer_device->connection->verify_tfm);
> peer_device->connection->verify_tfm = verify_tfm;
> drbd_info(device, "using verify-alg: \"%s\"\n", p->verify_alg);
> }
> if (csums_tfm) {
> - strcpy(new_net_conf->csums_alg, p->csums_alg);
> + strscpy(new_net_conf->csums_alg, p->csums_alg);
> new_net_conf->csums_alg_len = strlen(p->csums_alg) + 1;
> crypto_free_shash(peer_device->connection->csums_tfm);
> peer_device->connection->csums_tfm = csums_tfm;
Powered by blists - more mailing lists