Date: Sat, 27 Jun 2026 22:16:43 +0100
From: David Laight
To: Ian Bridges
Cc: Pablo Neira Ayuso, Florian Westphal, Phil Sutter, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Simon Horman, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] netfilter: x_tables: replace strlcat() with snprintf()
Message-ID: <20260627221643.1e837496@pumpkin>

On Fri, 26 Jun 2026 17:25:35 -0500 Ian Bridges wrote:

> In preparation for removing the deprecated strlcat() API[1], replace the
> strscpy()/strlcat() pairs in xt_proto_init() and xt_proto_fini() with
> snprintf(), which builds each /proc file name in a single call.
>
> Each name is "", where is the address-family
> string xt_prefix[af] and is one of the FORMAT_TABLES,
> FORMAT_MATCHES or FORMAT_TARGETS literals. snprintf() with a "%s%s"
> format produces the same NUL-terminated, length-bounded string as the
> strscpy()/strlcat() chain it replaces, so the proc entry names are
> unchanged.
>
> Link: https://github.com/KSPP/linux/issues/370 [1]
> Signed-off-by: Ian Bridges > --- > net/netfilter/x_tables.c | 24 ++++++++---------------- > 1 file changed, 8 insertions(+), 16 deletions(-) > > diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c > index 4e6708c23922..56f4546be336 100644 > --- a/net/netfilter/x_tables.c > +++ b/net/netfilter/x_tables.c > @@ -2033,8 +2033,7 @@ int xt_proto_init(struct net *net, u_int8_t af) > root_uid = make_kuid(net->user_ns, 0); > root_gid = make_kgid(net->user_ns, 0); > > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_TABLES, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_TABLES); If you are going to use snprintf either paste the strings together: snprintf(buf, sizeof(buf), "%s" FORMAT_TABLES, xt_prefix[af]); or prepend the "%s" onto the #define of FORMAT_TABLES itself: snprintf(buf, sizeof(buf), FORMAT_TABLES, xt_prefix[af]); FORMAT_TABLES should also be FORMAT_NAMES. -- David > proc = proc_create_net_data(buf, 0440, net->proc_net, &xt_table_seq_ops, > sizeof(struct seq_net_private), > (void *)(unsigned long)af); > @@ -2043,8 +2042,7 @@ int xt_proto_init(struct net *net, u_int8_t af) > if (uid_valid(root_uid) && gid_valid(root_gid)) > proc_set_user(proc, root_uid, root_gid); > > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_MATCHES, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_MATCHES); > proc = proc_create_seq_private(buf, 0440, net->proc_net, > &xt_match_seq_ops, sizeof(struct nf_mttg_trav), > (void *)(unsigned long)af); 
> @@ -2053,8 +2051,7 @@ int xt_proto_init(struct net *net, u_int8_t af) > if (uid_valid(root_uid) && gid_valid(root_gid)) > proc_set_user(proc, root_uid, root_gid); > > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_TARGETS, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_TARGETS); > proc = proc_create_seq_private(buf, 0440, net->proc_net, > &xt_target_seq_ops, sizeof(struct nf_mttg_trav), > (void *)(unsigned long)af); > @@ -2068,13 +2065,11 @@ int xt_proto_init(struct net *net, u_int8_t af) > > #ifdef CONFIG_PROC_FS > out_remove_matches: > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_MATCHES, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_MATCHES); > remove_proc_entry(buf, net->proc_net); > > out_remove_tables: > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_TABLES, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_TABLES); > remove_proc_entry(buf, net->proc_net); > out: > return -1; > @@ -2087,16 +2082,13 @@ void xt_proto_fini(struct net *net, u_int8_t af) > #ifdef CONFIG_PROC_FS > char buf[XT_FUNCTION_MAXNAMELEN]; > > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_TABLES, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_TABLES); > remove_proc_entry(buf, net->proc_net); > > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_TARGETS, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_TARGETS); > remove_proc_entry(buf, net->proc_net); > > - strscpy(buf, xt_prefix[af], sizeof(buf)); > - strlcat(buf, FORMAT_MATCHES, sizeof(buf)); > + snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_MATCHES); > remove_proc_entry(buf, net->proc_net); > #endif /*CONFIG_PROC_FS*/ > }
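
Review bot: The return value of snprintf() is discarded at every converted call, starting with `snprintf(buf, sizeof(buf), "%s%s", xt_prefix[af], FORMAT_TABLES);` in the first xt_proto_init() hunk, so a name that does not fit in buf (declared as `char buf[XT_FUNCTION_MAXNAMELEN]` in the xt_proto_fini() hunk) is still truncated silently before it reaches proc_create_net_data() or remove_proc_entry(). That matches the strscpy()/strlcat() behaviour being replaced, but the commit message only says the result is length-bounded; either say there that truncation remains unchecked, or compare the return value against sizeof(buf) and take the existing error path.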
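
Review bot: The names rebuilt at out_remove_matches and out_remove_tables in the xt_proto_init() error path, and the three rebuilt in xt_proto_fini(), have to stay byte-identical to the ones created earlier or remove_proc_entry() will not find the entries, and the patch leaves eight separate copies of the same format call to keep in step. A small helper that takes buf, af and the suffix would keep the format in one place and make the create/remove pairing obvious; it would also be the single spot to apply the format-string change suggested in the reply.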
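
The equivalence claimed in the commit message, and the literal-pasting form suggested in the reply, checked in userspace including the truncation case. This is an added example, not code from the patch or the kernel tree: build_old() is a hypothetical stand-in for the strscpy()/strlcat() pair, and DEMO_SUFFIX, DEMO_BUFLEN and the prefixes are constructed values.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins, not the kernel's values. */
#define DEMO_SUFFIX "_tables_demo"  /* plays the role of a FORMAT_* literal */
#define DEMO_BUFLEN 16              /* small so truncation is easy to reach */

/* Hypothetical stand-in for strscpy()+strlcat(): bounded copy, bounded
 * append, always NUL-terminated, silent truncation. */
static void build_old(char *buf, size_t size, const char *prefix)
{
    size_t n = strlen(prefix) < size ? strlen(prefix) : size - 1;
    memcpy(buf, prefix, n);
    buf[n] = '\0';
    strncat(buf, DEMO_SUFFIX, size - 1 - n);
}

/* Form used in the patch; returns the length the full name needs. */
static int build_patch(char *buf, size_t size, const char *prefix)
{
    return snprintf(buf, size, "%s%s", prefix, DEMO_SUFFIX);
}

/* Form from the reply: the literal is pasted onto the format string,
 * so it must never contain a '%' conversion of its own. */
static int build_pasted(char *buf, size_t size, const char *prefix)
{
    return snprintf(buf, size, "%s" DEMO_SUFFIX, prefix);
}

/* 1 when all three builders leave identical bytes in the buffer. */
static int forms_agree(const char *prefix)
{
    char a[DEMO_BUFLEN], b[DEMO_BUFLEN], c[DEMO_BUFLEN];
    build_old(a, sizeof(a), prefix);
    build_patch(b, sizeof(b), prefix);
    build_pasted(c, sizeof(c), prefix);
    return strcmp(a, b) == 0 && strcmp(b, c) == 0;
}

/* 1 when the name did not fit: the check the converted calls do not make. */
static int was_truncated(const char *prefix)
{
    char buf[DEMO_BUFLEN];
    int need = build_patch(buf, sizeof(buf), prefix);
    return need < 0 || (size_t)need >= sizeof(buf);
}

int main(void)
{
    printf("agree=%d truncated=%d\n", forms_agree("bridge"), was_truncated("bridge"));
    return 0;
}
```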