From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Morton Subject: Re: [PATCH] sanitize task->comm to avoid leaking escape codes Date: Mon, 28 Jun 2010 13:00:28 -0700 Message-ID: <20100628130028.73757a46.akpm@linux-foundation.org> References: <20100623181129.GM5876@outflux.net> <20100623194145.GA19628@redhat.com> <20100623202335.GA4424@x200> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: Oleg Nesterov , Kees Cook , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Alexander Viro , KOSAKI Motohiro , Neil Horman , Roland McGrath , Ingo Molnar , Peter Zijlstra , Thomas Gleixner To: Alexey Dobriyan Return-path: In-Reply-To: <20100623202335.GA4424@x200> Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Wed, 23 Jun 2010 23:23:35 +0300 Alexey Dobriyan wrote: > On Wed, Jun 23, 2010 at 09:41:45PM +0200, Oleg Nesterov wrote: > > On 06/23, Kees Cook wrote: > > > > -extern char *get_task_comm(char *to, struct task_struct *tsk); > > > +#define get_task_comm(buf, task) get_task_comm_size(buf, sizeof(buf), task) > > > +extern char *get_task_comm_size(char *to, size_t len, struct task_struct *tsk); > > > > Oh, but this means that get_task_comm(ptr, task) doesn't work? > > The number of users is so small, and everyone uses TASK_COMM_LEN, > so maybe nothing should be done or "char buf[TASK_COMM_LEN]"? Yup, it would take an act of wilful daftness to pass anything other than a TASK_COMM_LEN array into get_task_comm(). I can't say I like the patch much - going in and altering a task's comm[] behind its back seems fraught with all sorts of problems which I can't immediately think of. Do we corrupt (err, "fix") /proc/pid/cmdline as well? Surely it would be better to fix the tools which display this info rather than making the kernel tell fibs.