From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EAB19C77B7A for ; Tue, 30 May 2023 15:55:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=UAVqQbzzZYX1kYluM5US5yr0Yy0xdzlUMKuehjOrjME=; b=eBZyHas3N+k0ll uUU6ToEMcaD8B4nH4wP6EuXlRK/MCsyvCHL+PAM7B1fAuUmtLq4K8RJAzdhnZyZ0SCu0QN1Q7/kCJ 4HBcvuyWY7hp9LqlU7D99eMdlmZVVzfBWqAumAOu2t547k6RNOs2Dr0yKoXAycOXym/EBFNFUbpLb qgGO9VBXtA/C14MNAETAfJE1JK3zraVeze2yo8yZVTQIMHAf/nJ7H5lnlu6nnBcBGfnh5kk6gmqiT MYquvWwiDc8zZktD+hEo7jrOGoAL8+zKw3jkf7QAIxo2+pt3veDZR/7WL1QfQwOHZFRXxBqrIMMLD zNKi5DDyB5cYYsWz5biA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q41h0-00ETfN-0H; Tue, 30 May 2023 15:55:26 +0000 Received: from mail-io1-xd2f.google.com ([2607:f8b0:4864:20::d2f]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q41gw-00ETeN-1a for linux-arm-kernel@lists.infradead.org; Tue, 30 May 2023 15:55:24 +0000 Received: by mail-io1-xd2f.google.com with SMTP id ca18e2360f4ac-77489b6f68cso327855039f.1 for ; Tue, 30 May 2023 08:55:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685462119; x=1688054119; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=HzLXJzmyM6ehvjxPhXBctuD6pzz/uhWxjF9MwpFFoX8=; b=sV0vVcLuN/c8aFPDkzIKiJQGt1mMSPXwASTgM7ibpdqLu4XwGviCTR0sJaE6Y85YEg Bk7z2RgujlJJ+T1mrbGiKUMJfbJNJ6WluHksu1/z3i5GqWa4L2bcSE97wFUpz7xqde+f E7lUcUasW1cgj0yw2wQW10mE5LRvZB3IiOmCEBespXbVIN+QAJi6naMhwHctPslZorCN q+Hl9sDTFvNL+xYcyznfDt9/xiTcXZQ8NYW1lZy55pfHhzvDuKKt+mYd0B1Jj2SwjUuH ArEfKy+j/WGPnA5tlsZybGYerz7mnNAIlT8PG6qSpI7cVgTtBY4Kw9W//qEHQwLRHKkz S0Fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685462119; x=1688054119; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HzLXJzmyM6ehvjxPhXBctuD6pzz/uhWxjF9MwpFFoX8=; b=f+5EDB8ROP+vlvfy9mKvFUE+2X3ssunK4G4orQEIoOTMg/AZvoVH0pXPSNETjrOauu 4PQVfxks0EkNkcWfvvz9JXr13/gcJsxWdU2/sIaStgBB5vY2sc+1clCgvUooho1O7lsJ IDGBSKP3ZK2G3ADwYwvJ+SM02/qnEm7SoaNgajrfeUPqy17EgtVi8Exe0XdQjBr1wXAU GrA/HR34GBwI6pT+Zmef7fs2FSH/mWUnWIpTkiuaPXlV3Mig9uYTbZ/LysbuSWbPIDqr Tdo+LsA9wpV6eTA/sPatDvic/Rv8RVt1bI0Ld8Gve2uo/KekLtP3rQEsWMcWCHMU07b4 o77w== X-Gm-Message-State: AC+VfDzFBE5qFIeM6LnR126pmAY49QbZzpjpgKrwFa4rKLBeomHe3MSd 6E9cbCXb5Eg4cFeQobHEmVA= X-Google-Smtp-Source: ACHHUZ7VhLgjsIrOf3C7o216L4H7FCwqt2jO/nkrPwsRA1lUmBkSD3bXhTcVhfW939LXCv3HpK/z0g== X-Received: by 2002:a5e:dd07:0:b0:76c:89de:ba47 with SMTP id t7-20020a5edd07000000b0076c89deba47mr2064040iop.19.1685462119157; Tue, 30 May 2023 08:55:19 -0700 (PDT) Received: from azeems-kspp.c.googlers.com.com (54.70.188.35.bc.googleusercontent.com. [35.188.70.54]) by smtp.gmail.com with ESMTPSA id ct13-20020a056638488d00b0041ceadd5f4dsm743187jab.70.2023.05.30.08.55.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 May 2023 08:55:18 -0700 (PDT) From: Azeem Shaikh To: Russell King Cc: linux-hardening@vger.kernel.org, Azeem Shaikh , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, "Russell King (Oracle)" , Linus Walleij , Amit Daniel Kachhap , Ard Biesheuvel Subject: [PATCH] ARM: Replace all non-returning strlcpy with strscpy Date: Tue, 30 May 2023 15:55:01 +0000 Message-ID: <20230530155501.222213-1-azeemshaikh38@gmail.com> X-Mailer: git-send-email 2.41.0.rc0.172.g3f132b7071-goog MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230530_085522_534333_BF034E1C X-CRM114-Status: GOOD ( 15.03 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh --- arch/arm/kernel/atags_parse.c | 4 ++-- arch/arm/kernel/setup.c | 2 +- arch/arm/kernel/vdso.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/arm/kernel/atags_parse.c b/arch/arm/kernel/atags_parse.c index 373b61f9a4f0..33f6eb5213a5 100644 --- a/arch/arm/kernel/atags_parse.c +++ b/arch/arm/kernel/atags_parse.c @@ -127,7 +127,7 @@ static int __init parse_tag_cmdline(const struct tag *tag) #elif defined(CONFIG_CMDLINE_FORCE) pr_warn("Ignoring tag cmdline (using the default kernel command line)\n"); #else - strlcpy(default_command_line, tag->u.cmdline.cmdline, + strscpy(default_command_line, tag->u.cmdline.cmdline, COMMAND_LINE_SIZE); #endif return 0; @@ -224,7 +224,7 @@ setup_machine_tags(void *atags_vaddr, unsigned int machine_nr) } /* parse_early_param needs a boot_command_line */ - strlcpy(boot_command_line, from, COMMAND_LINE_SIZE); + strscpy(boot_command_line, from, COMMAND_LINE_SIZE); return mdesc; } diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c index 75cd4699e7b3..3048a685ea79 100644 --- a/arch/arm/kernel/setup.c +++ b/arch/arm/kernel/setup.c @@ -1142,7 +1142,7 @@ void __init setup_arch(char **cmdline_p) setup_initial_init_mm(_text, _etext, _edata, _end); /* populate cmd_line too for later use, preserving boot_command_line */ - strlcpy(cmd_line, boot_command_line, COMMAND_LINE_SIZE); + strscpy(cmd_line, boot_command_line, COMMAND_LINE_SIZE); *cmdline_p = cmd_line; early_fixmap_init(); diff --git a/arch/arm/kernel/vdso.c b/arch/arm/kernel/vdso.c index 3408269d19c7..f297d66a8a76 100644 --- a/arch/arm/kernel/vdso.c +++ b/arch/arm/kernel/vdso.c @@ -135,7 +135,7 @@ static Elf32_Sym * __init find_symbol(struct elfinfo *lib, const char *symname) if (lib->dynsym[i].st_name == 0) continue; - strlcpy(name, lib->dynstr + lib->dynsym[i].st_name, + strscpy(name, lib->dynstr + lib->dynsym[i].st_name, MAX_SYMNAME); c = strchr(name, '@'); if (c) _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel