[PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy

linux-scsi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
@ 2023-05-17 14:29 Azeem Shaikh
  2023-05-17 19:13 ` Kees Cook
  2023-05-22 19:39 ` Kees Cook
  0 siblings, 2 replies; 5+ messages in thread
From: Azeem Shaikh @ 2023-05-17 14:29 UTC (permalink / raw)
  To: Adam Radford
  Cc: linux-hardening, Azeem Shaikh, linux-scsi, linux-kernel,
	James E.J. Bottomley, Martin K. Petersen

strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
---
 drivers/scsi/3w-9xxx.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/3w-9xxx.c b/drivers/scsi/3w-9xxx.c
index 38d20a69ee12..f925f8664c2c 100644
--- a/drivers/scsi/3w-9xxx.c
+++ b/drivers/scsi/3w-9xxx.c
@@ -617,7 +617,7 @@ static int twa_check_srl(TW_Device_Extension *tw_dev, int *flashed)
 	}
 
 	/* Load rest of compatibility struct */
-	strlcpy(tw_dev->tw_compat_info.driver_version, TW_DRIVER_VERSION,
+	strscpy(tw_dev->tw_compat_info.driver_version, TW_DRIVER_VERSION,
 		sizeof(tw_dev->tw_compat_info.driver_version));
 	tw_dev->tw_compat_info.driver_srl_high = TW_CURRENT_DRIVER_SRL;
 	tw_dev->tw_compat_info.driver_branch_high = TW_CURRENT_DRIVER_BRANCH;


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
  2023-05-17 14:29 [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy Azeem Shaikh
@ 2023-05-17 19:13 ` Kees Cook
  2023-05-22 19:39 ` Kees Cook
  1 sibling, 0 replies; 5+ messages in thread
From: Kees Cook @ 2023-05-17 19:13 UTC (permalink / raw)
  To: Azeem Shaikh
  Cc: Adam Radford, linux-hardening, linux-scsi, linux-kernel,
	James E.J. Bottomley, Martin K. Petersen

On Wed, May 17, 2023 at 02:29:55PM +0000, Azeem Shaikh wrote:
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
> No return values were used, so direct replacement is safe.
> 
> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> [2] https://github.com/KSPP/linux/issues/89
> 
> Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>

Reviewed-by: Kees Cook <keescook@chromium.org>

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
  2023-05-17 14:29 [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy Azeem Shaikh
  2023-05-17 19:13 ` Kees Cook
@ 2023-05-22 19:39 ` Kees Cook
  2023-05-22 22:41   ` Martin K. Petersen
  1 sibling, 1 reply; 5+ messages in thread
From: Kees Cook @ 2023-05-22 19:39 UTC (permalink / raw)
  To: azeemshaikh38, Adam Radford
  Cc: Kees Cook, martin.petersen, linux-scsi, linux-kernel, jejb,
	linux-hardening

On Wed, 17 May 2023 14:29:55 +0000, Azeem Shaikh wrote:
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
> No return values were used, so direct replacement is safe.
> 
> [...]

Applied to for-next/hardening, thanks!

[1/1] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
      https://git.kernel.org/kees/c/fa36c95739ab

-- 
Kees Cook


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
  2023-05-22 19:39 ` Kees Cook
@ 2023-05-22 22:41   ` Martin K. Petersen
  2023-05-23  1:21     ` Kees Cook
  0 siblings, 1 reply; 5+ messages in thread
From: Martin K. Petersen @ 2023-05-22 22:41 UTC (permalink / raw)
  To: Kees Cook
  Cc: azeemshaikh38, Adam Radford, martin.petersen, linux-scsi,
	linux-kernel, jejb, linux-hardening


Kees,

> On Wed, 17 May 2023 14:29:55 +0000, Azeem Shaikh wrote:
>> strlcpy() reads the entire source buffer first.
>> This read may exceed the destination size limit.
>> This is both inefficient and can lead to linear read
>> overflows if a source string is not NUL-terminated [1].
>> In an effort to remove strlcpy() completely [2], replace
>> strlcpy() here with strscpy().
>> No return values were used, so direct replacement is safe.
>> 
>> [...]
>
> Applied to for-next/hardening, thanks!
>
> [1/1] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
>       https://git.kernel.org/kees/c/fa36c95739ab

Are you planning on sending these? That's fine with me, just need to
know if I should close them in patchwork...

-- 
Martin K. Petersen	Oracle Linux Engineering

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
  2023-05-22 22:41   ` Martin K. Petersen
@ 2023-05-23  1:21     ` Kees Cook
  0 siblings, 0 replies; 5+ messages in thread
From: Kees Cook @ 2023-05-23  1:21 UTC (permalink / raw)
  To: Martin K. Petersen, Kees Cook
  Cc: azeemshaikh38, Adam Radford, martin.petersen, linux-scsi,
	linux-kernel, jejb, linux-hardening

On May 22, 2023 3:41:58 PM PDT, "Martin K. Petersen" <martin.petersen@oracle.com> wrote:
>
>Kees,
>
>> On Wed, 17 May 2023 14:29:55 +0000, Azeem Shaikh wrote:
>>> strlcpy() reads the entire source buffer first.
>>> This read may exceed the destination size limit.
>>> This is both inefficient and can lead to linear read
>>> overflows if a source string is not NUL-terminated [1].
>>> In an effort to remove strlcpy() completely [2], replace
>>> strlcpy() here with strscpy().
>>> No return values were used, so direct replacement is safe.
>>> 
>>> [...]
>>
>> Applied to for-next/hardening, thanks!
>>
>> [1/1] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy
>>       https://git.kernel.org/kees/c/fa36c95739ab
>
>Are you planning on sending these? That's fine with me, just need to
>know if I should close them in patchwork...

Yeah, I took a bunch that hadn't been picked up yet:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=for-next/hardening

Thanks!


-- 
Kees Cook

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2023-05-23  1:21 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-05-17 14:29 [PATCH] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy Azeem Shaikh
2023-05-17 19:13 ` Kees Cook
2023-05-22 19:39 ` Kees Cook
2023-05-22 22:41   ` Martin K. Petersen
2023-05-23  1:21     ` Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).