From: Steven Rostedt <rostedt@goodmis.org>
To: linux-kernel@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Azeem Shaikh <azeemshaikh38@gmail.com>,
Kees Cook <keescook@chromium.org>
Subject: [for-next][PATCH 12/13] tracing/boot: Replace strlcpy with strscpy
Date: Wed, 21 Jun 2023 12:29:35 -0400 [thread overview]
Message-ID: <20230621162946.729796944@goodmis.org> (raw)
In-Reply-To: 20230621162923.953123395@goodmis.org
From: Azeem Shaikh <azeemshaikh38@gmail.com>
strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
Direct replacement is safe here since return value of -E2BIG
is used to check for truncation instead of sizeof(dest).
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89
Link: https://lore.kernel.org/linux-trace-kernel/20230613004125.3539934-1-azeemshaikh38@gmail.com
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
kernel/trace/trace_boot.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/kernel/trace/trace_boot.c b/kernel/trace/trace_boot.c
index 778200dd8ede..5fe525f1b8cc 100644
--- a/kernel/trace/trace_boot.c
+++ b/kernel/trace/trace_boot.c
@@ -31,7 +31,7 @@ trace_boot_set_instance_options(struct trace_array *tr, struct xbc_node *node)
/* Common ftrace options */
xbc_node_for_each_array_value(node, "options", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG) {
pr_err("String is too long: %s\n", p);
continue;
}
@@ -87,7 +87,7 @@ trace_boot_enable_events(struct trace_array *tr, struct xbc_node *node)
const char *p;
xbc_node_for_each_array_value(node, "events", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG) {
pr_err("String is too long: %s\n", p);
continue;
}
@@ -486,7 +486,7 @@ trace_boot_init_one_event(struct trace_array *tr, struct xbc_node *gnode,
p = xbc_node_find_value(enode, "filter", NULL);
if (p && *p != '\0') {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG)
pr_err("filter string is too long: %s\n", p);
else if (apply_event_filter(file, buf) < 0)
pr_err("Failed to apply filter: %s\n", buf);
@@ -494,7 +494,7 @@ trace_boot_init_one_event(struct trace_array *tr, struct xbc_node *gnode,
if (IS_ENABLED(CONFIG_HIST_TRIGGERS)) {
xbc_node_for_each_array_value(enode, "actions", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG)
pr_err("action string is too long: %s\n", p);
else if (trigger_process_regex(file, buf) < 0)
pr_err("Failed to apply an action: %s\n", p);
--
2.39.2
next prev parent reply other threads:[~2023-06-21 16:30 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-21 16:29 [for-next][PATCH 00/13] tracing: Updates for 6.5 Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 02/13] function_graph: Support recording and printing the return value of function Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 03/13] tracing: Add documentation for funcgraph-retval and funcgraph-retval-hex Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 04/13] arm64: ftrace: Enable HAVE_FUNCTION_GRAPH_RETVAL Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 05/13] x86/ftrace: " Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 06/13] LoongArch: ftrace: " Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 07/13] selftests/ftrace: Add funcgraph-retval test case Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 08/13] ftrace: Show all functions with addresses in available_filter_functions_addrs Steven Rostedt
2023-06-22 7:30 ` Jackie Liu
2023-06-21 16:29 ` [for-next][PATCH 09/13] tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 10/13] tracing/osnoise: Skip running osnoise if all instances are off Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 11/13] tracing/timerlat: Add user-space interface Steven Rostedt
2023-06-21 16:29 ` Steven Rostedt [this message]
2023-06-21 16:29 ` [for-next][PATCH 13/13] riscv: ftrace: Enable HAVE_FUNCTION_GRAPH_RETVAL Steven Rostedt
[not found] ` <20230621162944.507694485@goodmis.org>
2023-06-21 16:36 ` [for-next][PATCH 01/13] fgraph: Add declaration of "struct fgraph_ret_regs" Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230621162946.729796944@goodmis.org \
--to=rostedt@goodmis.org \
--cc=akpm@linux-foundation.org \
--cc=azeemshaikh38@gmail.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mhiramat@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.