lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAGsJ_4xL1rqqYLLg=PuxvYi_8fS8c7MTsWDk4T=RKs29qnCb-w@mail.gmail.com>
Date: Fri, 24 Oct 2025 08:55:14 +0800
From: Barry Song <21cnbao@...il.com>
To: Biancaa Ramesh <biancaa2210329@....edu.in>
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH] replace strcpy with strscpy for safe copy

On Wed, Oct 22, 2025 at 1:31 PM Biancaa Ramesh
<biancaa2210329@....edu.in> wrote:
>
> Signed-off-by: Biancaa Ramesh <biancaa2210329@....edu.in>
> ---
>  mm/shmem.c | 23 ++++++++++++-----------
>  1 file changed, 12 insertions(+), 11 deletions(-)
>
> diff --git a/mm/shmem.c b/mm/shmem.c
> index b9081b817d28..6e5a5d6fc7e9 100644
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
> @@ -657,17 +657,18 @@ static int shmem_parse_huge(const char *str)
>         if (!str)
>                 return -EINVAL;
>
> -       if (!strcmp(str, "never"))
> +       if (!strncmp(str,"never",strlen("never")+1)){
>                 huge = SHMEM_HUGE_NEVER;
> -       else if (!strcmp(str, "always"))
> +       }
> +       else if (!strncmp(str, "always", strlen("always") + 1))
>                 huge = SHMEM_HUGE_ALWAYS;
> -       else if (!strcmp(str, "within_size"))
> +       else if (!strncmp(str, "within_size",strlen("Within_size")+1))
>                 huge = SHMEM_HUGE_WITHIN_SIZE;
> -       else if (!strcmp(str, "advise"))
> +       else if (!strncmp(str,"advise",strlen("advise")+1))
>                 huge = SHMEM_HUGE_ADVISE;
> -       else if (!strcmp(str, "deny"))
> +       else if (!strncmp(str,"deny",strlen("deny")+1))
>                 huge = SHMEM_HUGE_DENY;
> -       else if (!strcmp(str, "force"))
> +       else if (!strncmp(str,"force",strlen("force")+1))
>                 huge = SHMEM_HUGE_FORCE;
>         else
>                 return -EINVAL;


I think this patch is incorrect. If the goal isn’t to guard against
stack overflow,
it shouldn’t use strlen("never"); it should use the length of str.
On the other hand, we should ensure that str is large enough to hold values like
“never” or “always”.

Thanks
Barry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ