From: Len Baker <len.baker@gmx.com>
To: David Laight <David.Laight@ACULAB.COM>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Len Baker <len.baker@gmx.com>, Lee Jones <lee.jones@linaro.org>,
Romain Perier <romain.perier@gmail.com>,
Allen Pais <apais@linux.microsoft.com>,
Dmitrii Wolf <dev.dragon@bk.ru>, Iain Craig <coldcity@gmail.com>,
"linux-staging@lists.linux.dev" <linux-staging@lists.linux.dev>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] staging/rtl8192u: Remove all strcpy() uses in favor of strscpy()
Date: Fri, 23 Jul 2021 20:16:25 +0200 [thread overview]
Message-ID: <20210723165353.GD2612@titan> (raw)
In-Reply-To: <ec6c9adc089849b5984b9273c38efd93@AcuMS.aculab.com>
Hi,
On Mon, Jul 19, 2021 at 08:49:54AM +0000, David Laight wrote:
> From: Len Baker
> > Sent: 18 July 2021 12:32
> >
> > strcpy() performs no bounds checking on the destination buffer. This
> > could result in linear overflows beyond the end of the buffer, leading
> > to all kinds of misbehaviors. The safe replacement is strscpy().
> >
> > Signed-off-by: Len Baker <len.baker@gmx.com>
> > ---
> > drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c
> > b/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c
> > index ab885353f668..1a193f900779 100644
> > --- a/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c
> > +++ b/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c
> > @@ -2226,7 +2226,8 @@ static void ieee80211_start_ibss_wq(struct work_struct *work)
> > mutex_lock(&ieee->wx_mutex);
> >
> > if (ieee->current_network.ssid_len == 0) {
> > - strcpy(ieee->current_network.ssid, IEEE80211_DEFAULT_TX_ESSID);
> > + strscpy(ieee->current_network.ssid, IEEE80211_DEFAULT_TX_ESSID,
> > + sizeof(ieee->current_network.ssid));
>
> I'm pretty sure that recent compiler releases know enough
> about strcpy() to error overflows for strcpy() from quoted
> strings into char[].
>
> If these checks are enabled for kernel builds then they are
> actually safer than the run-time check above
> (which can be mistyped).
>
> The compiler can (it may not) convert the strcpy() into a memcpy()
> using the compile-time length of the quoted string.
I agree, but if we want to remove this function entirely from the kernel [1]
we need to replace all the strcpy() uses as a previous step. And the safe
replacement is strscpy() [2].
[1] https://github.com/KSPP/linux/issues/88
[2] https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy
> David
>
> -
> Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
> Registration No: 1397386 (Wales)
>
Thanks for the feedback,
Len
prev parent reply other threads:[~2021-07-23 18:16 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-18 11:32 [PATCH] staging/rtl8192u: Remove all strcpy() uses in favor of strscpy() Len Baker
2021-07-19 8:49 ` David Laight
2021-07-23 18:16 ` Len Baker [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210723165353.GD2612@titan \
--to=len.baker@gmx.com \
--cc=David.Laight@ACULAB.COM \
--cc=apais@linux.microsoft.com \
--cc=coldcity@gmail.com \
--cc=dev.dragon@bk.ru \
--cc=gregkh@linuxfoundation.org \
--cc=lee.jones@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-staging@lists.linux.dev \
--cc=romain.perier@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.