Re: [PATCH] usb: gadget: configfs: Prevent buffer overrun in usb_string_copy

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg KH <gregkh@linuxfoundation.org>
To: yguoaz <yguoaz@gmail.com>
Cc: dan.scally@ideasonboard.com, andriy.shevchenko@linux.intel.com,
	frank.li@nxp.com, christophe.jaillet@wanadoo.fr,
	jgilab@gmail.com, chanh@os.amperecomputing.com,
	linux-usb@vger.kernel.org
Subject: Re: [PATCH] usb: gadget: configfs: Prevent buffer overrun in usb_string_copy
Date: Fri, 30 Jun 2023 21:48:20 +0200	[thread overview]
Message-ID: <2023063027-repackage-partake-aa3e@gregkh> (raw)
In-Reply-To: <CAM7=BFoyE8XzS8g=U_wFH_AUE-W6C2tGKWzGP4+eCZTDVDgr_g@mail.gmail.com>

On Fri, Jun 30, 2023 at 09:13:58PM +0800, yguoaz wrote:
> This is an underrun issue found by a static analysis tool (under
> research).

Then you MUST follow our research rules in order to submit patches.
Please read and follow them, otherwise we have to reject all of your
submissions.

> I suggest the patch because the code of usb_string_copy()
> rejects strings with length greater than USB_MAX_STRING_LEN,
> indicating a possibility for the input string `s` to contain unwanted
> data (e.g., being empty). For the empty string case, the proposed
> patch simply copies '\0' in `strcpy(str, s)` without touching index -1
> of `str`.
> 
> Whether `strlen(s)` could ever be zero in reality is up to the
> maintainer's judgement, since I have not worked with the subsystem. So
> please ignore the patch if it is ensured that `s` must be non-empty.

Test it and see!

good luck,

greg k-h

next prev parent reply	other threads:[~2023-06-30 19:49 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-06-30 11:04 [PATCH] usb: gadget: configfs: Prevent buffer overrun in usb_string_copy Yiyuan Guo
2023-06-30 12:17 ` Greg KH
2023-06-30 13:13   ` yguoaz
2023-06-30 19:48     ` Greg KH [this message]
2023-07-01  3:48       ` yguoaz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2023063027-repackage-partake-aa3e@gregkh \
    --to=gregkh@linuxfoundation.org \
    --cc=andriy.shevchenko@linux.intel.com \
    --cc=chanh@os.amperecomputing.com \
    --cc=christophe.jaillet@wanadoo.fr \
    --cc=dan.scally@ideasonboard.com \
    --cc=frank.li@nxp.com \
    --cc=jgilab@gmail.com \
    --cc=linux-usb@vger.kernel.org \
    --cc=yguoaz@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.