| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5jJrFv5Y8Q_i3yFYBDmT0+pO05dS3ijB0gOn-huasxZWmA@mail.gmail.com> Date: Fri, 5 Feb 2016 13:18:04 -0800 From: Kees Cook <keescook@...omium.org> To: David Laight <David.Laight@...lab.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, Amitkumar Karwar <akarwar@...vell.com>, Nishant Sarmukadam <nishants@...vell.com>, Kalle Valo <kvalo@...eaurora.org>, Steve French <sfrench@...ba.org>, "linux-cifs@...r.kernel.org" <linux-cifs@...r.kernel.org>, Joe Perches <joe@...ches.com>, Andy Shevchenko <andy.shevchenko@...il.com>, Rasmus Villemoes <linux@...musvillemoes.dk>, Daniel Borkmann <daniel@...earbox.net>, Michael Ellerman <mpe@...erman.id.au>, Heiko Carstens <heiko.carstens@...ibm.com>, Martin Schwidefsky <schwidefsky@...ibm.com>, "x86@...nel.org" <x86@...nel.org>, "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>, "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>, "linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v2 2/4] lib: update single-char callers of strtobool On Fri, Feb 5, 2016 at 2:46 AM, David Laight <David.Laight@...lab.com> wrote: > From: Kees Cook >> Sent: 04 February 2016 21:01 >> Some callers of strtobool were passing a pointer to unterminated strings. >> In preparation of adding multi-character processing to kstrtobool, update >> the callers to not pass single-character pointers, and switch to using the >> new kstrtobool_from_user helper where possible. > > Personally I think you should change the name of the function so that the > compiler (and linker) will pick up places that have not been changed. > Relying on people to make the required changes will cause problems. After the single-character users were pointed out, I looked for others and there aren't any. > The current code (presumably) treats "no", "nyet" and "nkjkkrkjrkjterkj" as false. > Changing that behaviour will break things. There's no change there. All three of those will still be "false". Perhaps my changelog shouldn't say "unterminated" but rather "character array". > If you want to support "on" and "off", then maybe check for the supplied string > starting with the character sequences "on\0" and "off\0" (as well as any others). > This doesn't need the input string be '\0' terminated - since you match y and n > without looking at the 2nd byte. > You'd have to be extremely unlucky to get a page fault in the 3 bytes > following an 'o' if the caller supplied a single byte buffer. I'd prefer to keep the switch statement as short as possible, and I don't want to do full string compares. And as you say, even fixing the single-byte callers seems like a needless exercise, but seeing as how it's a net clean-up, I think it's good they way I've got the series. -Kees -- Kees Cook Chrome OS & Brillo Security
Powered by blists - more mailing lists