From: Kees Cook <keescook@chromium.org>
To: Maximilian Luz <luzmaximilian@gmail.com>
Cc: Bjorn Andersson <andersson@kernel.org>,
Andy Gross <agross@kernel.org>,
Konrad Dybcio <konrad.dybcio@linaro.org>,
Ard Biesheuvel <ardb@kernel.org>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Srinivas Kandagatla <srinivas.kandagatla@linaro.org>,
Sudeep Holla <sudeep.holla@arm.com>,
Johan Hovold <johan@kernel.org>,
Steev Klimaszewski <steev@kali.org>,
linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v5 1/3] lib/ucs2_string: Add UCS-2 strscpy function
Date: Fri, 4 Aug 2023 01:18:05 -0700 [thread overview]
Message-ID: <202308040115.A4643B8@keescook> (raw)
In-Reply-To: <20230730161906.606163-2-luzmaximilian@gmail.com>
On Sun, Jul 30, 2023 at 06:19:02PM +0200, Maximilian Luz wrote:
> Add a ucs2_strscpy() function for UCS-2 strings. The behavior is
> equivalent to the standard strscpy() function, just for 16-bit character
> UCS-2 strings.
>
> Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com>
> ---
>
> Changes in v5:
> - Add ucs2_strscpy() instead of ucs2_strlcpy()
>
> Patch introduced in v4.
>
> ---
> include/linux/ucs2_string.h | 1 +
> lib/ucs2_string.c | 35 +++++++++++++++++++++++++++++++++++
> 2 files changed, 36 insertions(+)
>
> diff --git a/include/linux/ucs2_string.h b/include/linux/ucs2_string.h
> index cf3ada3e820e..c499ae809c7d 100644
> --- a/include/linux/ucs2_string.h
> +++ b/include/linux/ucs2_string.h
> @@ -10,6 +10,7 @@ typedef u16 ucs2_char_t;
> unsigned long ucs2_strnlen(const ucs2_char_t *s, size_t maxlength);
> unsigned long ucs2_strlen(const ucs2_char_t *s);
> unsigned long ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength);
> +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count);
> int ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len);
>
> unsigned long ucs2_utf8size(const ucs2_char_t *src);
> diff --git a/lib/ucs2_string.c b/lib/ucs2_string.c
> index 0a559a42359b..b608129fcbdc 100644
> --- a/lib/ucs2_string.c
> +++ b/lib/ucs2_string.c
> @@ -32,6 +32,41 @@ ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength)
> }
> EXPORT_SYMBOL(ucs2_strsize);
>
> +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count)
> +{
> + long res;
> +
> + /*
> + * Ensure that we have a valid amount of space. We need to store at
> + * least one NUL-character.
> + */
> + if (count == 0 || WARN_ON_ONCE(count > INT_MAX))
Is "count" a measure of bytes or characters? It seems to be characters.
can you please add some kern-doc for this function to clarify this.
Also, I wonder if the above check should be "count > INT_MAX / 2" since
the INT_MAX is, generally, done in byte counts.
> + return -E2BIG;
> +
> + /*
> + * Copy at most 'count' bytes, return early if we find a
If "count" is characters, this comment should not say "bytes". :)
> + * NUL-terminator.
> + */
> + for (res = 0; res < count; res++) {
> + ucs2_char_t c;
> +
> + c = src[res];
> + dst[res] = c;
> +
> + if (!c)
> + return res;
> + }
> +
> + /*
> + * The loop above terminated without finding a NUL-terminator,
> + * exceeding the 'count': Enforce proper NUL-termination and return
> + * error.
> + */
> + dst[count - 1] = 0;
> + return -E2BIG;
> +}
> +EXPORT_SYMBOL(ucs2_strscpy);
> +
> int
> ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len)
> {
> --
> 2.41.0
>
Otherwise looks good to me!
--
Kees Cook
next prev parent reply other threads:[~2023-08-04 8:18 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-30 16:19 [PATCH v5 0/3] firmware: Add support for Qualcomm UEFI Secure Application Maximilian Luz
2023-07-30 16:19 ` [PATCH v5 1/3] lib/ucs2_string: Add UCS-2 strscpy function Maximilian Luz
2023-08-03 15:17 ` Bjorn Andersson
2023-08-04 8:18 ` Kees Cook [this message]
2023-08-04 19:23 ` Maximilian Luz
2023-07-30 16:19 ` [PATCH v5 2/3] firmware: qcom_scm: Add support for Qualcomm Secure Execution Environment SCM interface Maximilian Luz
2023-07-30 17:51 ` kernel test robot
2023-07-30 18:04 ` Maximilian Luz
2023-07-30 18:32 ` kernel test robot
2023-07-30 18:42 ` kernel test robot
2023-07-30 18:47 ` Maximilian Luz
2023-08-04 16:48 ` Johan Hovold
2023-08-04 20:11 ` Maximilian Luz
2023-08-07 8:46 ` Johan Hovold
2023-07-30 16:19 ` [PATCH v5 3/3] firmware: Add support for Qualcomm UEFI Secure Application Maximilian Luz
2023-08-03 15:44 ` Ard Biesheuvel
2023-08-03 17:09 ` Maximilian Luz
2023-08-04 10:56 ` Ard Biesheuvel
2023-08-04 16:54 ` Johan Hovold
2023-08-04 19:44 ` Maximilian Luz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202308040115.A4643B8@keescook \
--to=keescook@chromium.org \
--cc=agross@kernel.org \
--cc=andersson@kernel.org \
--cc=ardb@kernel.org \
--cc=ilias.apalodimas@linaro.org \
--cc=johan@kernel.org \
--cc=konrad.dybcio@linaro.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luzmaximilian@gmail.com \
--cc=srinivas.kandagatla@linaro.org \
--cc=steev@kali.org \
--cc=sudeep.holla@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.