lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 10 Aug 2020 08:15:48 +0000 From: David Laight <David.Laight@...LAB.COM> To: "'luobin (L)'" <luobin9@...wei.com>, Kees Cook <keescook@...omium.org> CC: David Miller <davem@...emloft.net>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "luoxianjun@...wei.com" <luoxianjun@...wei.com>, "yin.yinshi@...wei.com" <yin.yinshi@...wei.com>, "cloud.wangxiaoyun@...wei.com" <cloud.wangxiaoyun@...wei.com>, "chiqijun@...wei.com" <chiqijun@...wei.com> Subject: RE: [PATCH net-next v1] hinic: fix strncpy output truncated compile warnings > Thanks for your explanation and review. I haven't realized using strncpy() on NUL-terminated strings > is deprecated > and just trying to avoid the compile warnings. The website you provide helps me a lot. Thank you very > much! Never try to remove compile-time warnings without understanding what the code it doing. The basic problem is that strncpy() almost [1] never does what you want. It really expects it's input string to be '\0' terminated but doesn't guarantee the output will be, and also (typically) wastes cpu cycles zero filling the output buffer. Someone then defined strscpy() as an alternative, it guarantees to '\0' the output and doesn't zero fill - which can be an issue. However strscpy() has it's own problems, the return value is defined to be the length of the input string - which absolutely requires it be '\0' terminated. With 'unknown' input this can page fault! [1] This fragment looked wrong, but was right! strncpy(dest, src, sizeof src); Naive conversion to remove the strncpy() broke it. In fact 'dest' was 1 byte longer than 'src' and already zero filled, 'src' might not have been '\0' terminated. It is about the only time strncpy() is what you want! David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
Powered by blists - more mailing lists