* [PATCH 0/2] Fix unsafe string functions
@ 2023-04-20 23:46 Kinga Tanska
  2023-04-20 23:46 ` [PATCH 1/2] " Kinga Tanska
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Kinga Tanska @ 2023-04-20 23:46 UTC (permalink / raw)
  To: linux-raid; +Cc: jes, colyli

This series of patches contains fixes for unsafe string
function usage. Unsafe functions were replaced with
ones that limit the input length.

Kinga Tanska (2):
  Fix unsafe string functions
  platform-intel: limit guid length

 mdmon.c          | 6 +++---
 mdopen.c         | 4 ++--
 platform-intel.c | 5 +----
 platform-intel.h | 5 ++++-
 super-intel.c    | 6 +++---
 5 files changed, 13 insertions(+), 13 deletions(-)

-- 
2.26.2



* [PATCH 1/2] Fix unsafe string functions
  2023-04-20 23:46 [PATCH 0/2] Fix unsafe string functions Kinga Tanska
@ 2023-04-20 23:46 ` Kinga Tanska
  2023-04-20 23:46 ` [PATCH 2/2] platform-intel: limit guid length Kinga Tanska
  2023-05-08 20:31 ` [PATCH 0/2] Fix unsafe string functions Jes Sorensen
  2 siblings, 0 replies; 4+ messages in thread
From: Kinga Tanska @ 2023-04-20 23:46 UTC (permalink / raw)
  To: linux-raid; +Cc: jes, colyli

Add string length limitations where necessary to
avoid buffer overflows.

Signed-off-by: Kinga Tanska <kinga.tanska@intel.com>
---
 mdmon.c          | 6 +++---
 mdopen.c         | 4 ++--
 platform-intel.c | 2 +-
 super-intel.c    | 6 +++---
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/mdmon.c b/mdmon.c
index cef5bbc8..a2038fe6 100644
--- a/mdmon.c
+++ b/mdmon.c
@@ -240,7 +240,7 @@ static int make_control_sock(char *devname)
 		return -1;
 
 	addr.sun_family = PF_LOCAL;
-	strcpy(addr.sun_path, path);
+	snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path);
 	umask(077); /* ensure no world write access */
 	if (bind(sfd, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
 		close(sfd);
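Review bot: The bounded copy into `addr.sun_path` truncates silently, so an over-long `path` would make `bind()` create the control socket under a shortened name instead of the one held in `path`. Checking the result turns that into an explicit failure, e.g. `if ((size_t)snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path) >= sizeof(addr.sun_path)) { close(sfd); return -1; }`, mirroring the cleanup the `bind()` failure path already does. make_control_sock starts and ends outside the hunk, so how `path` is built is not visible here.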
@@ -389,7 +389,7 @@ int main(int argc, char *argv[])
 
 	if (all) {
 		struct mdstat_ent *mdstat, *e;
-		int container_len = strlen(container_name);
+		int container_len = strnlen(container_name, MD_NAME_MAX);
 
 		/* launch an mdmon instance for each container found */
 		mdstat = mdstat_read(0, 0);
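Review bot: `strnlen(container_name, MD_NAME_MAX)` does not bound any write; it only caps the computed length, so a name longer than `MD_NAME_MAX` is no longer measured in full and whatever uses `container_len` further down (outside the hunk) would presumably operate on a prefix of it. If over-long names are invalid, rejecting them is clearer than capping, e.g. `if (strnlen(container_name, MD_NAME_MAX) == MD_NAME_MAX) { pr_err("container name too long\n"); exit(1); }`. Whether the limit should be `MD_NAME_MAX` or `MD_NAME_MAX - 1` depends on whether the constant counts the terminator, which this page does not show.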
@@ -472,7 +472,7 @@ static int mdmon(char *devnm, int must_fork, int takeover)
 		pfd[0] = pfd[1] = -1;
 
 	container = xcalloc(1, sizeof(*container));
-	strcpy(container->devnm, devnm);
+	snprintf(container->devnm, MD_NAME_MAX, "%s", devnm);
 	container->arrays = NULL;
 	container->sock = -1;
 
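Review bot: The size passed to `snprintf` is `MD_NAME_MAX` rather than the size of the destination, so the bound is only correct if `container->devnm` is declared with at least `MD_NAME_MAX` bytes, which this hunk does not show. Tying the bound to the object keeps the two from drifting apart: `snprintf(container->devnm, sizeof(container->devnm), "%s", devnm);` (assuming `devnm` is an array member). The same applies to both `snprintf(cname, MD_NAME_MAX, ...)` calls in the mdopen.c hunk.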
diff --git a/mdopen.c b/mdopen.c
index 810f79a3..d76169d9 100644
--- a/mdopen.c
+++ b/mdopen.c
@@ -193,14 +193,14 @@ int create_mddev(char *dev, char *name, int autof, int trustworthy,
 
 	if (dev) {
 		if (strncmp(dev, "/dev/md/", 8) == 0) {
-			strcpy(cname, dev+8);
+			snprintf(cname, MD_NAME_MAX, "%s", dev + 8);
 		} else if (strncmp(dev, "/dev/", 5) == 0) {
 			char *e = dev + strlen(dev);
 			while (e > dev && isdigit(e[-1]))
 				e--;
 			if (e[0])
 				num = strtoul(e, NULL, 10);
-			strcpy(cname, dev+5);
+			snprintf(cname, MD_NAME_MAX, "%s", dev + 5);
 			cname[e-(dev+5)] = 0;
 			/* name *must* be mdXX or md_dXX in this context */
 			if (num < 0 ||
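Review bot: In the `/dev/` branch the terminator store `cname[e-(dev+5)] = 0` is still indexed by an offset into the original `dev` string, so bounding the copy on the line above does not bound this write; when `dev` has no trailing digits the offset equals the full length of `dev + 5`. Guarding the index closes that, e.g. `if ((size_t)(e - (dev + 5)) < sizeof(cname)) cname[e - (dev + 5)] = 0;`, assuming `cname` is an array whose declaration sits outside the hunk. If `cname` is larger than `MD_NAME_MAX`, both new calls also silently shorten names that previously fit, so the `snprintf` result should be compared with the size and an over-long name rejected rather than truncated.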
diff --git a/platform-intel.c b/platform-intel.c
index 757f0b1b..22ebb2b1 100644
--- a/platform-intel.c
+++ b/platform-intel.c
@@ -201,7 +201,7 @@ struct sys_dev *device_by_id_and_path(__u16 device_id, const char *path)
 
 static int devpath_to_ll(const char *dev_path, const char *entry, unsigned long long *val)
 {
-	char path[strlen(dev_path) + strlen(entry) + 2];
+	char path[strnlen(dev_path, PATH_MAX) + strnlen(entry, PATH_MAX) + 2];
 	int fd;
 	int n;
 
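Review bot: Capping both lengths with `strnlen(..., PATH_MAX)` makes the variable-length array `path` smaller than the combined strings whenever either input exceeds `PATH_MAX`, while the code that fills `path` lies outside the hunk and is not touched by this patch; if it still formats the full strings, the previously exactly-sized buffer becomes an undersized one. The array can also reach roughly twice `PATH_MAX` on the stack. A fixed `char path[PATH_MAX];` filled with `snprintf(path, sizeof(path), ...)`, plus a check that the result is below `sizeof(path)`, would bound both the allocation and the write.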
diff --git a/super-intel.c b/super-intel.c
index a5c86cb2..0806bf03 100644
--- a/super-intel.c
+++ b/super-intel.c
@@ -6990,7 +6990,7 @@ active_arrays_by_format(char *name, char* hba, struct md_list **devlist,
 			int fd = -1;
 			while (dev && !is_fd_valid(fd)) {
 				char *path = xmalloc(strlen(dev->name) + strlen("/dev/") + 1);
-				num = sprintf(path, "%s%s", "/dev/", dev->name);
+				num = snprintf(path, PATH_MAX, "%s%s", "/dev/", dev->name);
 				if (num > 0)
 					fd = open(path, O_RDONLY, 0);
 				if (num <= 0 || !is_fd_valid(fd)) {
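Review bot: `snprintf(path, PATH_MAX, ...)` passes a bound unrelated to the buffer, which is allocated one line earlier with exactly `strlen(dev->name) + strlen("/dev/") + 1` bytes. The write fits only because the allocation is sized from the same strings, so the new bound adds no protection and would mislead a later edit that changes either line. Keeping the length in a variable ties them together: `size_t len = strlen(dev->name) + strlen("/dev/") + 1;`, `char *path = xmalloc(len);`, `num = snprintf(path, len, "%s%s", "/dev/", dev->name);`.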
@@ -7889,7 +7889,7 @@ static int kill_subarray_imsm(struct supertype *st, char *subarray_id)
 
 		if (i < current_vol)
 			continue;
-		sprintf(subarray, "%u", i);
+		snprintf(subarray, sizeof(subarray), "%u", i);
 		if (is_subarray_active(subarray, st->devnm)) {
 			pr_err("deleting subarray-%d would change the UUID of active subarray-%d, aborting\n",
 			       current_vol, i);
@@ -11262,7 +11262,7 @@ static const char *imsm_get_disk_controller_domain(const char *path)
 	char *drv=NULL;
 	struct stat st;
 
-	strcpy(disk_path, disk_by_path);
+	strncpy(disk_path, disk_by_path, PATH_MAX);
 	strncat(disk_path, path, PATH_MAX - strlen(disk_path) - 1);
 	if (stat(disk_path, &st) == 0) {
 		struct sys_dev* hba;
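Review bot: `strncpy(disk_path, disk_by_path, PATH_MAX)` does not NUL-terminate when the source is `PATH_MAX` bytes or longer, and the next line immediately calls `strlen(disk_path)`; it also zero-fills the remainder of the buffer on every call. Both lines can be replaced by one bounded format whose result is checked: `int n = snprintf(disk_path, PATH_MAX, "%s%s", disk_by_path, path);` followed by `if (n < 0 || n >= PATH_MAX) return NULL;`. This assumes `disk_path` holds `PATH_MAX` bytes and that `NULL` is the function's failure value; both are declared outside the hunk.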
-- 
2.26.2



* [PATCH 2/2] platform-intel: limit guid length
  2023-04-20 23:46 [PATCH 0/2] Fix unsafe string functions Kinga Tanska
  2023-04-20 23:46 ` [PATCH 1/2] " Kinga Tanska
@ 2023-04-20 23:46 ` Kinga Tanska
  2023-05-08 20:31 ` [PATCH 0/2] Fix unsafe string functions Jes Sorensen
  2 siblings, 0 replies; 4+ messages in thread
From: Kinga Tanska @ 2023-04-20 23:46 UTC (permalink / raw)
  To: linux-raid; +Cc: jes, colyli

Move GUID_STR_MAX to the header so it can be used as
the length limit for the snprintf call.

Signed-off-by: Kinga Tanska <kinga.tanska@intel.com>
---
 platform-intel.c | 3 ---
 platform-intel.h | 5 ++++-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/platform-intel.c b/platform-intel.c
index 22ebb2b1..e63a112a 100644
--- a/platform-intel.c
+++ b/platform-intel.c
@@ -496,9 +496,6 @@ static const struct imsm_orom *find_imsm_hba_orom(struct sys_dev *hba)
 	return get_orom_by_device_id(hba->dev_id);
 }
 
-#define GUID_STR_MAX	37  /* according to GUID format:
-			     * xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" */
-
 #define EFI_GUID(a, b, c, d0, d1, d2, d3, d4, d5, d6, d7) \
 ((struct efi_guid) \
 {{ (a) & 0xff, ((a) >> 8) & 0xff, ((a) >> 16) & 0xff, ((a) >> 24) & 0xff, \
diff --git a/platform-intel.h b/platform-intel.h
index 6238d23f..3d15411b 100644
--- a/platform-intel.h
+++ b/platform-intel.h
@@ -19,6 +19,9 @@
 #include <asm/types.h>
 #include <strings.h>
 
+/* according to GUID format: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" */
+#define GUID_STR_MAX	37
+
 /* The IMSM Capability (IMSM AHCI and ISCU OROM/EFI variable) Version Table definition */
 struct imsm_orom {
 	__u8 signature[4];
@@ -228,7 +231,7 @@ extern struct orom_entry *orom_entries;
 
 static inline char *guid_str(char *buf, struct efi_guid guid)
 {
-	sprintf(buf, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
+	snprintf(buf, GUID_STR_MAX, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
 		 guid.b[3], guid.b[2], guid.b[1], guid.b[0],
 		 guid.b[5], guid.b[4], guid.b[7], guid.b[6],
 		 guid.b[8], guid.b[9], guid.b[10], guid.b[11],
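Review bot: `guid_str` now writes at most `GUID_STR_MAX` bytes, but `buf` is a bare pointer, so the bound protects only callers that really pass a buffer of at least that size, and nothing at the definition states this. A comment above the function would record the contract: `/* buf must point to at least GUID_STR_MAX bytes */`. The function body continues past the end of the hunk, so the callers and their buffer sizes are not visible here.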
-- 
2.26.2



* Re: [PATCH 0/2] Fix unsafe string functions
  2023-04-20 23:46 [PATCH 0/2] Fix unsafe string functions Kinga Tanska
  2023-04-20 23:46 ` [PATCH 1/2] " Kinga Tanska
  2023-04-20 23:46 ` [PATCH 2/2] platform-intel: limit guid length Kinga Tanska
@ 2023-05-08 20:31 ` Jes Sorensen
  2 siblings, 0 replies; 4+ messages in thread
From: Jes Sorensen @ 2023-05-08 20:31 UTC (permalink / raw)
  To: Kinga Tanska, linux-raid; +Cc: colyli

On 4/20/23 19:46, Kinga Tanska wrote:
> This series of patches contains fixes for unsafe string
> functions usings. Unsafe functions were replaced with
> new ones that limites the input length.
> 
> Kinga Tanska (2):
>   Fix unsafe string functions
>   platform-intel: limit guid length
> 
>  mdmon.c          | 6 +++---
>  mdopen.c         | 4 ++--
>  platform-intel.c | 5 +----
>  platform-intel.h | 5 ++++-
>  super-intel.c    | 6 +++---
>  5 files changed, 13 insertions(+), 13 deletions(-)
> 

Hi Kinga,

This conflicts after applying Mariusz' changes.

Mind rebasing?

Thanks,
Jes

