From: Mitchell Blank Jr <mitch@sfgoth.com>
To: Felipe Alfaro Solana <felipe_alfaro@linuxmail.org>,
"YOSHIFUJI Hideaki / ?$B5HF#1QL@?(B" <yoshfuji@linux-ipv6.org>,
davem@redhat.com,
Linux Kernel Mailinglist <linux-kernel@vger.kernel.org>,
netdev@oss.sgi.com
Subject: Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy
Date: Thu, 27 Nov 2003 17:34:08 -0800 [thread overview]
Message-ID: <20031128013408.GD73661@gaz.sfgoth.com> (raw)
In-Reply-To: <20031127223348.G25015@flint.arm.linux.org.uk>
Russell King wrote:
> Sorry, bad example. Hmm, from a glance around, it seems that all of
> the places which use strncpy() implicitly zero the buffer prior to
> using strncpy().
>
> This means that the x86 strncpy is doing unnecessary zeroing. I do
> remember Alan complaining about the last set of strlcpy() stuff
> introducing information leaks - maybe those got fixed though.
The problem is that most places you're filling in an array in a struct.
So even if you use strncpy() everywhere you can still get bitten if the
compiler inserts any padding for alignment on some architecture (since
even if you fully initialize each char[] array in the structure using
strncpy you might still leak info in padding bytes)
The safest thing to do in these cases is:
1. memset() the array before you start
2. strlcpy() for filling each char[] array (since strncpy would just
re-zero those bytes it's wasteful)
Yes, the full memset() is a small waste, but its safe. In 99% of these
cases we're talking about some weird ioctl() or something that's way off
the fast path anyways.
I pointed this out some months ago and someone (forgot who) replied that
there shouldn't be any padding in any struct exported from the kernel.
They added a compiler warning for structure padding in the -mm series for
a few days, but I guess it caused so many warnings that they took it right
out again, so I believe that there ARE plenty of places that user-visible
struct's get padded by the ABI of some platforms. If there's some difinitive
evidence that padding never happens I'd like to see it.
-Mitch
next prev parent reply other threads:[~2003-11-28 1:34 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1069920883.2476.1.camel@teapot.felipe-alfaro.com>
2003-11-27 8:33 ` [PATCH 2.6]: IPv6: strcpy -> strlcpy YOSHIFUJI Hideaki / 吉藤英明
2003-11-27 10:59 ` David S. Miller
2003-11-27 12:04 ` Felipe Alfaro Solana
2003-11-27 12:09 ` YOSHIFUJI Hideaki / 吉藤英明
2003-11-27 19:46 ` Russell King
2003-11-27 19:54 ` YOSHIFUJI Hideaki / 吉藤英明
2003-11-27 20:00 ` Russell King
2003-11-27 20:47 ` YOSHIFUJI Hideaki / 吉藤英明
2003-11-27 22:06 ` Felipe Alfaro Solana
2003-11-27 22:19 ` Russell King
2003-11-27 22:33 ` Russell King
2003-11-28 1:34 ` Mitchell Blank Jr [this message]
2003-11-27 23:03 ` Felipe Alfaro Solana
2003-11-28 0:23 ` YOSHIFUJI Hideaki / 吉藤英明
2003-11-28 0:26 ` YOSHIFUJI Hideaki / 吉藤英明
2003-11-28 0:40 ` YOSHIFUJI Hideaki / 吉藤英明
2003-11-28 9:54 ` Felipe Alfaro Solana
2003-11-28 11:22 ` Jörn Engel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20031128013408.GD73661@gaz.sfgoth.com \
--to=mitch@sfgoth.com \
--cc=davem@redhat.com \
--cc=felipe_alfaro@linuxmail.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@oss.sgi.com \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).