* [PATCH 0/2] Fix unsafe string functions
From: Kinga Tanska @ 2023-04-20 23:46 UTC (permalink / raw)
To: linux-raid; +Cc: jes, colyli
This series of patches contains fixes for uses of unsafe string
functions. Unsafe functions were replaced with
new ones that limit the input length.
Kinga Tanska (2):
Fix unsafe string functions
platform-intel: limit guid length
mdmon.c | 6 +++---
mdopen.c | 4 ++--
platform-intel.c | 5 +----
platform-intel.h | 5 ++++-
super-intel.c | 6 +++---
5 files changed, 13 insertions(+), 13 deletions(-)
--
2.26.2
* [PATCH 1/2] Fix unsafe string functions
From: Kinga Tanska @ 2023-04-20 23:46 UTC (permalink / raw)
To: linux-raid; +Cc: jes, colyli
Add string length limitations where necessary to
avoid buffer overflows.
Signed-off-by: Kinga Tanska <kinga.tanska@intel.com>
---
mdmon.c | 6 +++---
mdopen.c | 4 ++--
platform-intel.c | 2 +-
super-intel.c | 6 +++---
4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/mdmon.c b/mdmon.c
index cef5bbc8..a2038fe6 100644
--- a/mdmon.c
+++ b/mdmon.c
@@ -240,7 +240,7 @@ static int make_control_sock(char *devname)
return -1;
addr.sun_family = PF_LOCAL;
- strcpy(addr.sun_path, path);
+ snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path);
umask(077); /* ensure no world write access */
if (bind(sfd, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
close(sfd);
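Review bot: The `snprintf()` into `addr.sun_path` truncates silently, so an over-long `path` now leads to `bind()` on a different, shortened socket path instead of an error. Capture the return value and fail when the string does not fit, e.g. `int n = snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path);` followed by `if (n < 0 || (size_t)n >= sizeof(addr.sun_path)) { close(sfd); return -1; }`. The same unchecked truncation applies to the `snprintf()` calls added in `mdmon()` and in `create_mddev()` in mdopen.c. `make_control_sock()` starts and ends outside the hunk, so whether `path` is already length-limited earlier is not visible here.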
@@ -389,7 +389,7 @@ int main(int argc, char *argv[])
if (all) {
struct mdstat_ent *mdstat, *e;
- int container_len = strlen(container_name);
+ int container_len = strnlen(container_name, MD_NAME_MAX);
/* launch an mdmon instance for each container found */
mdstat = mdstat_read(0, 0);
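Review bot: Replacing `strlen()` with `strnlen(container_name, MD_NAME_MAX)` does not remove an overflow, since measuring a NUL-terminated string writes nothing; it only caps `container_len` without reporting that the name was too long. If `container_len` is later used as a comparison or copy length (that code is outside the hunk), an over-long name would be handled by its first `MD_NAME_MAX` bytes only. Rejecting the name up front when `strnlen(container_name, MD_NAME_MAX) == MD_NAME_MAX` would make the limit explicit. The result is also still stored in an `int` although `strnlen()` returns `size_t`.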
@@ -472,7 +472,7 @@ static int mdmon(char *devnm, int must_fork, int takeover)
pfd[0] = pfd[1] = -1;
container = xcalloc(1, sizeof(*container));
- strcpy(container->devnm, devnm);
+ snprintf(container->devnm, MD_NAME_MAX, "%s", devnm);
container->arrays = NULL;
container->sock = -1;
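Review bot: The bound passed to `snprintf()` here is `MD_NAME_MAX`, not the size of the destination, so the call is only safe if `container->devnm` is declared with at least `MD_NAME_MAX` bytes, which this hunk does not show. Tie the limit to the buffer as the `make_control_sock()` hunk does: `snprintf(container->devnm, sizeof(container->devnm), "%s", devnm);`. The two `snprintf(cname, MD_NAME_MAX, ...)` calls in the mdopen.c hunk have the same problem and would read `sizeof(cname)` if `cname` is an array in `create_mddev()`.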
diff --git a/mdopen.c b/mdopen.c
index 810f79a3..d76169d9 100644
--- a/mdopen.c
+++ b/mdopen.c
@@ -193,14 +193,14 @@ int create_mddev(char *dev, char *name, int autof, int trustworthy,
if (dev) {
if (strncmp(dev, "/dev/md/", 8) == 0) {
- strcpy(cname, dev+8);
+ snprintf(cname, MD_NAME_MAX, "%s", dev + 8);
} else if (strncmp(dev, "/dev/", 5) == 0) {
char *e = dev + strlen(dev);
while (e > dev && isdigit(e[-1]))
e--;
if (e[0])
num = strtoul(e, NULL, 10);
- strcpy(cname, dev+5);
+ snprintf(cname, MD_NAME_MAX, "%s", dev + 5);
cname[e-(dev+5)] = 0;
/* name *must* be mdXX or md_dXX in this context */
if (num < 0 ||
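Review bot: The store `cname[e-(dev+5)] = 0` right after the second `snprintf()` is still indexed by the length of `dev`, not by the size of `cname`, so an over-long `/dev/...` argument can still write the terminator past the end of the buffer even though the copy itself is now bounded. Check the offset before the store, e.g. `if ((size_t)(e - (dev + 5)) >= sizeof(cname)) return -1;`, or format only the wanted prefix with `snprintf(cname, sizeof(cname), "%.*s", (int)(e - (dev + 5)), dev + 5);`. The declaration of `cname` and the function's error convention are outside the hunk, so the exact bound and return value need confirming against the full `create_mddev()`.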
diff --git a/platform-intel.c b/platform-intel.c
index 757f0b1b..22ebb2b1 100644
--- a/platform-intel.c
+++ b/platform-intel.c
@@ -201,7 +201,7 @@ struct sys_dev *device_by_id_and_path(__u16 device_id, const char *path)
static int devpath_to_ll(const char *dev_path, const char *entry, unsigned long long *val)
{
- char path[strlen(dev_path) + strlen(entry) + 2];
+ char path[strnlen(dev_path, PATH_MAX) + strnlen(entry, PATH_MAX) + 2];
int fd;
int n;
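Review bot: Capping the two lengths with `strnlen(..., PATH_MAX)` makes the variable-length array `path` smaller than the strings it is built for whenever an input exceeds `PATH_MAX`, so if the code that fills `path` (outside the hunk) still formats the full `dev_path` and `entry`, this change can introduce an overflow that the `strlen()` version did not have. It also leaves a stack array of up to `2 * PATH_MAX + 2` bytes sized by the caller's input. A fixed `char path[PATH_MAX];` filled with `snprintf(path, sizeof(path), "%s/%s", dev_path, entry)` and an error return on truncation would be simpler, assuming the two parts are joined by a single separator as the `+ 2` suggests.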
diff --git a/super-intel.c b/super-intel.c
index a5c86cb2..0806bf03 100644
--- a/super-intel.c
+++ b/super-intel.c
@@ -6990,7 +6990,7 @@ active_arrays_by_format(char *name, char* hba, struct md_list **devlist,
int fd = -1;
while (dev && !is_fd_valid(fd)) {
char *path = xmalloc(strlen(dev->name) + strlen("/dev/") + 1);
- num = sprintf(path, "%s%s", "/dev/", dev->name);
+ num = snprintf(path, PATH_MAX, "%s%s", "/dev/", dev->name);
if (num > 0)
fd = open(path, O_RDONLY, 0);
if (num <= 0 || !is_fd_valid(fd)) {
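Review bot: The limit `PATH_MAX` given to `snprintf()` has no relation to the buffer, which is allocated with exactly `strlen(dev->name) + strlen("/dev/") + 1` bytes on the line above, so the bound protects nothing and misstates the buffer size to the next reader. Keep the allocation length in a variable and pass it: `size_t len = strlen(dev->name) + strlen("/dev/") + 1;`, `char *path = xmalloc(len);`, `num = snprintf(path, len, "%s%s", "/dev/", dev->name);`. The loop body continues outside the hunk.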
@@ -7889,7 +7889,7 @@ static int kill_subarray_imsm(struct supertype *st, char *subarray_id)
if (i < current_vol)
continue;
- sprintf(subarray, "%u", i);
+ snprintf(subarray, sizeof(subarray), "%u", i);
if (is_subarray_active(subarray, st->devnm)) {
pr_err("deleting subarray-%d would change the UUID of active subarray-%d, aborting\n",
current_vol, i);
@@ -11262,7 +11262,7 @@ static const char *imsm_get_disk_controller_domain(const char *path)
char *drv=NULL;
struct stat st;
- strcpy(disk_path, disk_by_path);
+ strncpy(disk_path, disk_by_path, PATH_MAX);
strncat(disk_path, path, PATH_MAX - strlen(disk_path) - 1);
if (stat(disk_path, &st) == 0) {
struct sys_dev* hba;
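Review bot: `strncpy(disk_path, disk_by_path, PATH_MAX)` does not NUL-terminate `disk_path` when the source is `PATH_MAX` bytes or longer, and the `strncat()` on the next line immediately calls `strlen(disk_path)`. It is also the only place in this series that uses `strncpy()` rather than `snprintf()`. Both lines can become one bounded, always-terminated call, `snprintf(disk_path, sizeof(disk_path), "%s%s", disk_by_path, path);`, with the return value compared against the buffer size to detect truncation. The declarations of `disk_path` and `disk_by_path` are outside the hunk, so `sizeof(disk_path)` assumes an array.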
--
2.26.2
* [PATCH 2/2] platform-intel: limit guid length
From: Kinga Tanska @ 2023-04-20 23:46 UTC (permalink / raw)
To: linux-raid; +Cc: jes, colyli
Moving GUID_STR_MAX to header to use it as
a length limitation for snprintf function.
Signed-off-by: Kinga Tanska <kinga.tanska@intel.com>
---
platform-intel.c | 3 ---
platform-intel.h | 5 ++++-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/platform-intel.c b/platform-intel.c
index 22ebb2b1..e63a112a 100644
--- a/platform-intel.c
+++ b/platform-intel.c
@@ -496,9 +496,6 @@ static const struct imsm_orom *find_imsm_hba_orom(struct sys_dev *hba)
return get_orom_by_device_id(hba->dev_id);
}
-#define GUID_STR_MAX 37 /* according to GUID format:
- * xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" */
-
#define EFI_GUID(a, b, c, d0, d1, d2, d3, d4, d5, d6, d7) \
((struct efi_guid) \
{{ (a) & 0xff, ((a) >> 8) & 0xff, ((a) >> 16) & 0xff, ((a) >> 24) & 0xff, \
diff --git a/platform-intel.h b/platform-intel.h
index 6238d23f..3d15411b 100644
--- a/platform-intel.h
+++ b/platform-intel.h
@@ -19,6 +19,9 @@
#include <asm/types.h>
#include <strings.h>
+/* according to GUID format: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" */
+#define GUID_STR_MAX 37
+
/* The IMSM Capability (IMSM AHCI and ISCU OROM/EFI variable) Version Table definition */
struct imsm_orom {
__u8 signature[4];
@@ -228,7 +231,7 @@ extern struct orom_entry *orom_entries;
static inline char *guid_str(char *buf, struct efi_guid guid)
{
- sprintf(buf, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
+ snprintf(buf, GUID_STR_MAX, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
guid.b[3], guid.b[2], guid.b[1], guid.b[0],
guid.b[5], guid.b[4], guid.b[7], guid.b[6],
guid.b[8], guid.b[9], guid.b[10], guid.b[11],
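Review bot: `guid_str()` receives a bare `char *buf`, so the `GUID_STR_MAX` bound given to `snprintf()` is only correct if every caller passes a buffer of at least that size, and nothing in the header says so. Add a contract comment above the function, e.g. `/* buf must point to at least GUID_STR_MAX bytes */`, so that callers in other files size their buffers from the macro now that it lives in the header. The end of the function is outside the hunk.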
--
2.26.2
* Re: [PATCH 0/2] Fix unsafe string functions
From: Jes Sorensen @ 2023-05-08 20:31 UTC (permalink / raw)
To: Kinga Tanska, linux-raid; +Cc: colyli
On 4/20/23 19:46, Kinga Tanska wrote:
> This series of patches contains fixes for unsafe string
> functions usings. Unsafe functions were replaced with
> new ones that limites the input length.
>
> Kinga Tanska (2):
> Fix unsafe string functions
> platform-intel: limit guid length
>
> mdmon.c | 6 +++---
> mdopen.c | 4 ++--
> platform-intel.c | 5 +----
> platform-intel.h | 5 ++++-
> super-intel.c | 6 +++---
> 5 files changed, 13 insertions(+), 13 deletions(-)
>
Hi Kinga,
This conflicts after applying Mariusz' changes.
Mind rebasing?
Thanks,
Jes