From: Kees Cook <keescook@chromium.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: Maximilian Luz <luzmaximilian@gmail.com>,
Bjorn Andersson <andersson@kernel.org>,
Andy Gross <agross@kernel.org>,
Konrad Dybcio <konrad.dybcio@linaro.org>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Srinivas Kandagatla <srinivas.kandagatla@linaro.org>,
Sudeep Holla <sudeep.holla@arm.com>,
Johan Hovold <johan@kernel.org>,
Steev Klimaszewski <steev@kali.org>,
linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4 1/4] lib/ucs2_string: Add UCS-2 strlcpy function
Date: Tue, 30 May 2023 16:18:23 -0700
Message-ID: <202305301617.4858B5672@keescook>
In-Reply-To: <CAMj1kXGy1hfEyHBNmPkBFeGF9W5zx=+8z5deH3E7usdsHHB2=A@mail.gmail.com>

On Tue, May 30, 2023 at 06:17:35PM +0200, Ard Biesheuvel wrote:
> On Tue, 30 May 2023 at 18:15, Maximilian Luz <luzmaximilian@gmail.com> wrote:
> >
> > On 5/30/23 17:25, Kees Cook wrote:
> > > On Mon, May 29, 2023 at 01:03:48AM +0200, Maximilian Luz wrote:
> > >> Add a ucs2_strlcpy() function for UCS-2 strings. The behavior is
> > >> equivalent to the standard strlcpy() function, just for 16-bit character
> > >> UCS-2 strings.
> > >
> > > Eek, no. strlcpy() is dangerous in multiple ways[1]. Please implement
> > > strscpy() (i.e. use strnlen(), negative error on truncation, etc).
> >
> > Right, makes sense, thanks. Somehow I missed that the kernel has a better
> > function than the C stdlib for that...
> >
> > > Additionally, it'd be nice if the ucs2 helpers here also implemented the
> > > rest of the CONFIG_FORTIFY_SOURCE mitigations (i.e. checking for source
> > > and destination buffer size overflows at compile-time and run-time with
> > > __builtin_object_size() and __builtin_dynamic_object_size() respectively).
> >
> > I can certainly try that, but I think this might be better suited for a
> > follow-up series, given that we then should also add those to the other
> > helpers.
> >
>
> Agreed. Let's log the followup work as a kspp work item, no need to
> make that part of this series.

Yeah, that's fine. Can you please open a KSPP issue for it so we don't
forget? :)

--
Kees Cook
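
The strscpy() semantics requested in the thread above (bounded scan of the source, guaranteed NUL termination, negative error on truncation), as an added userspace sketch for 16-bit strings. It is not code from the patch series or the kernel; the names `demo_ucs2_strnlen` and `demo_ucs2_strscpy` and the `ucs2_char_t` typedef used here are assumptions.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/types.h>

typedef uint16_t ucs2_char_t;	/* 16-bit UCS-2 code unit (assumed typedef) */

/* Bounded length: never examines more than max code units of s. */
static size_t demo_ucs2_strnlen(const ucs2_char_t *s, size_t max)
{
	size_t n = 0;

	while (n < max && s[n] != 0)
		n++;
	return n;
}

/*
 * strscpy()-style copy (hypothetical name, userspace sketch).
 * count is the destination capacity in code units, not bytes.
 * Returns the number of code units copied (excluding the NUL),
 * or -E2BIG if count is 0 or the source had to be truncated.
 * Unlike strlcpy(), it reads at most count units of src, so an
 * unterminated source is not walked past the destination's size.
 */
static ssize_t demo_ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src,
				 size_t count)
{
	size_t len, i;

	if (count == 0)
		return -E2BIG;

	len = demo_ucs2_strnlen(src, count);
	if (len == count) {	/* no NUL within count units: truncate */
		for (i = 0; i < count - 1; i++)
			dst[i] = src[i];
		dst[count - 1] = 0;
		return -E2BIG;
	}

	for (i = 0; i <= len; i++)	/* includes the terminating NUL */
		dst[i] = src[i];
	return (ssize_t)len;
}
```

A caller checks for a negative return instead of comparing a returned source length against the buffer size, which is the comparison strlcpy() callers have to get right.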