From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 67FD6C4332F for ; Tue, 18 Oct 2022 00:39:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231659AbiJRAjL (ORCPT ); Mon, 17 Oct 2022 20:39:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47606 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232132AbiJRAip (ORCPT ); Mon, 17 Oct 2022 20:38:45 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4791C6CD0D; Mon, 17 Oct 2022 17:38:39 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id E898D61113; Tue, 18 Oct 2022 00:11:06 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8F7ECC433C1; Tue, 18 Oct 2022 00:11:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1666051866; bh=Tw08p9OgUbJ0xLFOE6hicdSar0PmqvZY/9Z23rrACyw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bsGtVI/69cn79bwrnNNsVbTwoxBRMxtx9+JEaU8Ojhm51E6Ku8UC3FrTdYzENawFl FQOhQXXxmhdlmyp3YP/+ommULzQ+iq2SHOkRGJ3oWiQ9rrSIUz1tpgLI2Y9sfMO1UB 9Z1MtKarMOmUK2yjBaEeR9uFIHh7sge6IU3jt4//Xltyc63mTuLCM2GXudx4l40uzv dmN0CmSXFBm+P1D7q2n2pZEkN4L61tH4rjEgIpk0jw1Oi7i4VyEZfwElhm40Nj42h2 uYH15y0WMiil+RDtzYmY9pPkf1R6NCtyTRCoEj2Cuj8+kJGep+d5JnGgswcienOJ6v SOcONsawTXvRw== From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Andreas Gruenbacher , Wolfram Sang , Sasha Levin , rpeterso@redhat.com, cluster-devel@redhat.com Subject: [PATCH AUTOSEL 5.4 02/13] gfs2: Switch from strlcpy to strscpy Date: Mon, 17 Oct 2022 20:10:51 -0400 Message-Id: <20221018001102.2731930-2-sashal@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221018001102.2731930-1-sashal@kernel.org> References: <20221018001102.2731930-1-sashal@kernel.org> MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andreas Gruenbacher [ Upstream commit 204c0300c4e99707e9fb6e57840aa1127060e63f ] Switch from strlcpy to strscpy and make sure that @count is the size of the smaller of the source and destination buffers. This prevents reading beyond the end of the source buffer when the source string isn't null terminated. Found by a modified version of syzkaller. Suggested-by: Wolfram Sang Signed-off-by: Andreas Gruenbacher Signed-off-by: Sasha Levin --- fs/gfs2/ops_fstype.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/fs/gfs2/ops_fstype.c b/fs/gfs2/ops_fstype.c index 29b27d769860..2841134f7812 100644 --- a/fs/gfs2/ops_fstype.c +++ b/fs/gfs2/ops_fstype.c @@ -377,8 +377,10 @@ static int init_names(struct gfs2_sbd *sdp, int silent) if (!table[0]) table = sdp->sd_vfs->s_id; - strlcpy(sdp->sd_proto_name, proto, GFS2_FSNAME_LEN); - strlcpy(sdp->sd_table_name, table, GFS2_FSNAME_LEN); + BUILD_BUG_ON(GFS2_LOCKNAME_LEN > GFS2_FSNAME_LEN); + + strscpy(sdp->sd_proto_name, proto, GFS2_LOCKNAME_LEN); + strscpy(sdp->sd_table_name, table, GFS2_LOCKNAME_LEN); table = sdp->sd_table_name; while ((table = strchr(table, '/'))) @@ -1349,13 +1351,13 @@ static int gfs2_parse_param(struct fs_context *fc, struct fs_parameter *param) switch (o) { case Opt_lockproto: - strlcpy(args->ar_lockproto, param->string, GFS2_LOCKNAME_LEN); + strscpy(args->ar_lockproto, param->string, GFS2_LOCKNAME_LEN); break; case Opt_locktable: - strlcpy(args->ar_locktable, param->string, GFS2_LOCKNAME_LEN); + strscpy(args->ar_locktable, param->string, GFS2_LOCKNAME_LEN); break; case Opt_hostdata: - strlcpy(args->ar_hostdata, param->string, GFS2_LOCKNAME_LEN); + strscpy(args->ar_hostdata, param->string, GFS2_LOCKNAME_LEN); break; case Opt_spectator: args->ar_spectator = 1; -- 2.35.1