From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtpout-04.galae.net (smtpout-04.galae.net [185.171.202.116]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5503538E120 for ; Thu, 2 Jul 2026 13:07:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.171.202.116 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782997682; cv=none; b=Sc30my51/QsLok5dXGwm5kfOQGmHK8is7EdVbQ63Lq3TR86lISpMQrmhaok3+AZl3py+mqljgiIZPbBGCvSewENzKX96OuZM47OHsPIRUeRVXPlZDVYhsfLNHDCTkdfG+Voi0mpxHnXAefekJJ8jQEOMwytP3w6QPDaj2cmMb1c= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782997682; c=relaxed/simple; bh=4fTlorCasYnLUoMeosE9yaTKnF2BJEbvXaBR8469rzE=; h=From:To:Cc:Subject:In-Reply-To:References:Date:Message-ID: MIME-Version:Content-Type; b=tQipytIejI/Vk3+2GIUJWMsH/ZXuXpNN/pbMfO5dfnjrBF7MeYrX77QnwqaBc0izDtmUkTu2I254Q9vjILwTRRzLdY/swNim+hmY402mTHgCpiiqCt7mkwhUCJEIWleqwo+Qq0LO8+P2uyudIGrHv0NfwN3PDc2yN4kzi6HUoW4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=bootlin.com; spf=pass smtp.mailfrom=bootlin.com; dkim=pass (2048-bit key) header.d=bootlin.com header.i=@bootlin.com header.b=c9gv6mZy; arc=none smtp.client-ip=185.171.202.116 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=bootlin.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=bootlin.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=bootlin.com header.i=@bootlin.com header.b="c9gv6mZy" Received: from smtpout-01.galae.net (smtpout-01.galae.net [212.83.139.233]) by smtpout-04.galae.net (Postfix) with ESMTPS id E674EC4FEE1 for ; Thu, 2 Jul 2026 13:08:08 +0000 (UTC) Received: from mail.galae.net (mail.galae.net [212.83.136.155]) by smtpout-01.galae.net (Postfix) with ESMTPS id 8A1C45FF03; Thu, 2 Jul 2026 13:07:57 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id F236D104C9523; Thu, 2 Jul 2026 15:07:53 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bootlin.com; s=dkim; t=1782997676; h=from:subject:date:message-id:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references; bh=4fTlorCasYnLUoMeosE9yaTKnF2BJEbvXaBR8469rzE=; b=c9gv6mZyNrLaSxtdYc2BFWUZwDduJRN/+zePPratbOGFNfGztkNyJGTFtTKKuU+tCoG6r/ AfPYh9DNwb4ed8TVhlCGqJslpZISG5ioGmcxCuSqTuhM64TdMy4D/Asyi2SklEJPI8XNtp dZb81PGkwhG3qDC4OBBaRe6TD656r7ebaGezU7ZgKP6cchvoCr9YY6i4qSItyziVMbjCTv q23AF96vFVzNsy9eowelqkE5ewyXY2N6ODWRjCujequxKvUSdg5LFsZj1Yzfhj6sIjMN1l Cbxh6SQg3dCRDmDVJKZvNyPjqGE6QYa8UdcI+i3M0Z+v0XAUDbR545CEB7WNpg== From: Miquel Raynal To: Pengpeng Hou Cc: Richard Weinberger , Vignesh Raghavendra , Kees Cook , Finn Thain , linux-mtd@lists.infradead.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] mtd: parsers: redboot: reject unterminated FIS names In-Reply-To: <20260701053909.53859-1-pengpeng@iscas.ac.cn> (Pengpeng Hou's message of "Wed, 1 Jul 2026 13:39:09 +0800") References: <20260701053909.53859-1-pengpeng@iscas.ac.cn> User-Agent: mu4e 1.12.7; emacs 30.2 Date: Thu, 02 Jul 2026 15:07:53 +0200 Message-ID: <87ldbtr13q.fsf@bootlin.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Last-TLS-Session-Version: TLSv1.3 Hi Pengpeng, On 01/07/2026 at 13:39:09 +08, Pengpeng Hou wrote: > RedBoot FIS partition names are stored in a fixed 16-byte field that is > expected to be NUL-terminated. parse_redboot_partitions() used strlen() > to size the names area and later copied the same field with strcpy(), so > a malformed table entry without a terminator could make both operations > read beyond the descriptor. > > Validate each accepted FIS name with strnlen() before adding it to the > partition list. > > Signed-off-by: Pengpeng Hou Please add Fixes and Cc stable tags whenever you send a fix. The fixes look correct and are correctly documented, but all of them miss the tags. Thanks, Miqu=C3=A8l