From: Len Baker <len.baker@gmx.com>
To: Bjorn Andersson <bjorn.andersson@linaro.org>
Cc: Len Baker <len.baker@gmx.com>, Kees Cook <keescook@chromium.org>,
Andy Gross <agross@kernel.org>,
Geert Uytterhoeven <geert+renesas@glider.be>,
Magnus Damm <magnus.damm@gmail.com>,
Santosh Shilimkar <ssantosh@kernel.org>,
David Laight <David.Laight@aculab.com>,
Robin Murphy <robin.murphy@arm.com>,
linux-hardening@vger.kernel.org, linux-arm-msm@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-renesas-soc@vger.kernel.org,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v3] drivers/soc: Remove all strcpy() uses
Date: Sat, 7 Aug 2021 19:48:39 +0200 [thread overview]
Message-ID: <20210807174839.GF2688@titan> (raw)
In-Reply-To: <YQsTesvLfAwd8z5B@builder.lan>
Hi,
On Wed, Aug 04, 2021 at 05:23:54PM -0500, Bjorn Andersson wrote:
> On Sun 01 Aug 08:19 CDT 2021, Len Baker wrote:
>
> > strcpy() performs no bounds checking on the destination buffer. This
> > could result in linear overflows beyond the end of the buffer, leading
> > to all kinds of misbehaviors. The safe replacement is strscpy().
> >
>
> While this is true, are any of these uses of strcpy affected by its
> shortcomings?
No, this patch is only an effort to clean up the proliferation of str*()
functions in the kernel.
> > Moreover, when the size of the destination buffer cannot be obtained
> > using "sizeof", use the memcpy function instead of strscpy.
> >
>
> This is not why you're using memcpy, you're using it because you _know_
> how many bytes should be copied - because you just did a strlen() and
> allocated that amount of space.
Understood, I will change the commit message.
>
> > [...]
> > /* Prepare req message */
> > - strcpy(req.service_path, pds->service_path);
> > + strscpy(req.service_path, pds->service_path,
> > + sizeof(req.service_path));
>
> There's no need to break this line.
Ok, thanks.
Regards,
Len
WARNING: multiple messages have this Message-ID (diff)
From: Len Baker <len.baker@gmx.com>
To: Bjorn Andersson <bjorn.andersson@linaro.org>
Cc: Len Baker <len.baker@gmx.com>, Kees Cook <keescook@chromium.org>,
Andy Gross <agross@kernel.org>,
Geert Uytterhoeven <geert+renesas@glider.be>,
Magnus Damm <magnus.damm@gmail.com>,
Santosh Shilimkar <ssantosh@kernel.org>,
David Laight <David.Laight@aculab.com>,
Robin Murphy <robin.murphy@arm.com>,
linux-hardening@vger.kernel.org, linux-arm-msm@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-renesas-soc@vger.kernel.org,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v3] drivers/soc: Remove all strcpy() uses
Date: Sat, 7 Aug 2021 19:48:39 +0200 [thread overview]
Message-ID: <20210807174839.GF2688@titan> (raw)
In-Reply-To: <YQsTesvLfAwd8z5B@builder.lan>
Hi,
On Wed, Aug 04, 2021 at 05:23:54PM -0500, Bjorn Andersson wrote:
> On Sun 01 Aug 08:19 CDT 2021, Len Baker wrote:
>
> > strcpy() performs no bounds checking on the destination buffer. This
> > could result in linear overflows beyond the end of the buffer, leading
> > to all kinds of misbehaviors. The safe replacement is strscpy().
> >
>
> While this is true, are any of these uses of strcpy affected by its
> shortcomings?
No, this patch is only an effort to clean up the proliferation of str*()
functions in the kernel.
> > Moreover, when the size of the destination buffer cannot be obtained
> > using "sizeof", use the memcpy function instead of strscpy.
> >
>
> This is not why you're using memcpy, you're using it because you _know_
> how many bytes should be copied - because you just did a strlen() and
> allocated that amount of space.
Understood, I will change the commit message.
>
> > [...]
> > /* Prepare req message */
> > - strcpy(req.service_path, pds->service_path);
> > + strscpy(req.service_path, pds->service_path,
> > + sizeof(req.service_path));
>
> There's no need to break this line.
Ok, thanks.
Regards,
Len
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-08-07 17:49 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-01 13:19 [PATCH v3] drivers/soc: Remove all strcpy() uses Len Baker
2021-08-01 13:19 ` Len Baker
2021-08-04 22:23 ` Bjorn Andersson
2021-08-04 22:23 ` Bjorn Andersson
2021-08-07 17:48 ` Len Baker [this message]
2021-08-07 17:48 ` Len Baker
2021-08-04 22:34 ` Bjorn Andersson
2021-08-04 22:34 ` Bjorn Andersson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210807174839.GF2688@titan \
--to=len.baker@gmx.com \
--cc=David.Laight@aculab.com \
--cc=agross@kernel.org \
--cc=bjorn.andersson@linaro.org \
--cc=geert+renesas@glider.be \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-renesas-soc@vger.kernel.org \
--cc=magnus.damm@gmail.com \
--cc=robin.murphy@arm.com \
--cc=ssantosh@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.