lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 3 Mar 2022 10:17:16 -0800
From:   Yonghong Song <yhs@...com>
To:     Yuntao Wang <ytcoode@...il.com>, bpf@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next] bpf: Replace strncpy() with strscpy_pad()



On 3/3/22 12:18 AM, Yuntao Wang wrote:
> Using strncpy() on NUL-terminated strings is considered deprecated[1],
> replace it with strscpy_pad().
> 
> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
> 
> Signed-off-by: Yuntao Wang <ytcoode@...il.com>
> ---
>   kernel/bpf/helpers.c | 8 +-------
>   1 file changed, 1 insertion(+), 7 deletions(-)
> 
> diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
> index ae64110a98b5..d03b28761a67 100644
> --- a/kernel/bpf/helpers.c
> +++ b/kernel/bpf/helpers.c
> @@ -225,13 +225,7 @@ BPF_CALL_2(bpf_get_current_comm, char *, buf, u32, size)
>   	if (unlikely(!task))
>   		goto err_clear;
>   
> -	strncpy(buf, task->comm, size);
> -
> -	/* Verifier guarantees that size > 0. For task->comm exceeding
> -	 * size, guarantee that buf is %NUL-terminated. Unconditionally
> -	 * done here to save the size test.
> -	 */
> -	buf[size - 1] = 0;
> +	strscpy_pad(buf, task->comm, size);

The precise replacement should be strscpy(...), right?
I am not sure whether we want to do pad here or not, probably
not as it is mostly used by user space for string copy/print
and we don't have cases demanding padding yet.

Please keep the comment
   /* Verifier guarantees that size > 0 */
this is important as strscpy will not do anything if size == 0.


>   	return 0;
>   err_clear:
>   	memset(buf, 0, size);

Powered by blists - more mailing lists