From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from elvis.franken.de (elvis.franken.de [193.175.24.41]) by smtp.subspace.kernel.org (Postfix) with ESMTP id EF0B46BFCE; Mon, 13 Apr 2026 13:45:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.175.24.41 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776087923; cv=none; b=QlNyxc+hsXmbzBTQ3pGlRV7RFMUb0vKltBXJquA/tZjA+cJ6a2jjN2O1tnzziGSwDv+eaid6Hws9+z4mFJcDyPON7C6N8IUl0aMu9PCWzI0vsJ5lpf5vA+ojXDZ3gxKAvVs5ESvTg8lfGv0EvtKSEbZ5/9hcOW1xSc21CcpA8Uw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776087923; c=relaxed/simple; bh=yh3iJ/MioreNmZnVc0OTHf4MJ0O2cfP9x6JcTisig+o=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=n4E2QDKFn8Nk/t2D4ykpjclu4F9dOJu3RF9noSEghakKF0imU0EkIhtJTi0v9Mu7KyVjz5qItbZtag6YA0tuwpl08+Fl3PL3yheimkhnHHAm8gkb/sJhCILeLHFrOmdsfpPPAUVmcc2jZe97CGRfk8JcDaRFRy4z5tCr++TfVDU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=alpha.franken.de; spf=pass smtp.mailfrom=alpha.franken.de; arc=none smtp.client-ip=193.175.24.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=alpha.franken.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=alpha.franken.de Received: from uucp by elvis.franken.de with local-rmail (Exim 3.36 #1) id 1wCHbE-0004aD-00; Mon, 13 Apr 2026 15:45:12 +0200 Received: by alpha.franken.de (Postfix, from userid 1000) id 71DA7C0988; Mon, 13 Apr 2026 15:43:25 +0200 (CEST) Date: Mon, 13 Apr 2026 15:43:25 +0200 From: Thomas Bogendoerfer To: Pengpeng Hou Cc: Sergey Shtylyov , linux-mips@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2] MIPS: validate DT bootargs before appending them Message-ID: References: <20260403161001.1-mips-dt-bootargs-pengpeng@iscas.ac.cn> <20260407120002.2-mips-dt-bootargs-v2-pengpeng@iscas.ac.cn> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260407120002.2-mips-dt-bootargs-v2-pengpeng@iscas.ac.cn> On Tue, Apr 07, 2026 at 09:57:03AM +0800, Pengpeng Hou wrote: > bootcmdline_scan_chosen() fetches the raw flat-DT bootargs property and > passes it straight to bootcmdline_append(). That helper later feeds the > same pointer into strlcat(), which computes strlen(src) before copying. > Flat DT properties are external boot input, and this path does not > prove that bootargs is NUL-terminated within its declared bounds. > > Reject unterminated bootargs properties before appending them to the > kernel command line. > > Signed-off-by: Pengpeng Hou > --- > Changes since v1: > - use strnlen() instead of memchr() for the local NUL-termination check > > arch/mips/kernel/setup.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/arch/mips/kernel/setup.c b/arch/mips/kernel/setup.c > index f9b228e33f3b..1ae6d0c0e1d6 100644 > --- a/arch/mips/kernel/setup.c > +++ b/arch/mips/kernel/setup.c > @@ -31,6 +31,7 @@ > #include > #include > #include > +#include > > #include > #include > @@ -541,6 +542,9 @@ static int __init bootcmdline_scan_chosen(unsigned long node, const char *uname, > > p = of_get_flat_dt_prop(node, "bootargs", &l); > if (p != NULL && l > 0) { > + if (strnlen(p, l) >= l) > + return 1; > + > bootcmdline_append(p, min(l, COMMAND_LINE_SIZE)); > *dt_bootargs = true; > } > -- > 2.50.1 (Apple Git-155) applied to mips-next Thomas. -- Crap can work. Given enough thrust pigs will fly, but it's not necessarily a good idea. [ RFC1925, 2.3 ]