| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 May 2023 01:06:43 +0900
From: Masami Hiramatsu (Google) <mhiramat@...nel.org>
To: Azeem Shaikh <azeemshaikh38@...il.com>
Cc: Steven Rostedt <rostedt@...dmis.org>,
linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCH v2] tracing: Replace all non-returning strlcpy with
strscpy
On Tue, 16 May 2023 14:39:56 +0000
Azeem Shaikh <azeemshaikh38@...il.com> wrote:
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
>
> No return values were used, so direct replacement with strlcpy is safe.
>
> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> [2] https://github.com/KSPP/linux/issues/89
>
> Signed-off-by: Azeem Shaikh <azeemshaikh38@...il.com>
Looks good to me.
Acked-by: Masami Hiramatsu (Google) <mhiramat@...nel.org>
Thank you,
> ---
> v1: https://lore.kernel.org/all/20230516043943.5234-1-azeemshaikh38@gmail.com/
> Changes from v1:
> - Removed subsystem specific files.
> - Minor update to commit log.
>
> kernel/trace/trace.c | 8 ++++----
> kernel/trace/trace_events.c | 4 ++--
> kernel/trace/trace_events_inject.c | 4 ++--
> kernel/trace/trace_kprobe.c | 2 +-
> kernel/trace/trace_probe.c | 2 +-
> 5 files changed, 10 insertions(+), 10 deletions(-)
>
> diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
> index ebc59781456a..28ccd0c9bdf0 100644
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -196,7 +196,7 @@ static int boot_snapshot_index;
>
> static int __init set_cmdline_ftrace(char *str)
> {
> - strlcpy(bootup_tracer_buf, str, MAX_TRACER_SIZE);
> + strscpy(bootup_tracer_buf, str, MAX_TRACER_SIZE);
> default_bootup_tracer = bootup_tracer_buf;
> /* We are using ftrace early, expand it */
> ring_buffer_expanded = true;
> @@ -281,7 +281,7 @@ static char trace_boot_options_buf[MAX_TRACER_SIZE] __initdata;
>
> static int __init set_trace_boot_options(char *str)
> {
> - strlcpy(trace_boot_options_buf, str, MAX_TRACER_SIZE);
> + strscpy(trace_boot_options_buf, str, MAX_TRACER_SIZE);
> return 1;
> }
> __setup("trace_options=", set_trace_boot_options);
> @@ -291,7 +291,7 @@ static char *trace_boot_clock __initdata;
>
> static int __init set_trace_boot_clock(char *str)
> {
> - strlcpy(trace_boot_clock_buf, str, MAX_TRACER_SIZE);
> + strscpy(trace_boot_clock_buf, str, MAX_TRACER_SIZE);
> trace_boot_clock = trace_boot_clock_buf;
> return 1;
> }
> @@ -2521,7 +2521,7 @@ static void __trace_find_cmdline(int pid, char comm[])
> if (map != NO_CMDLINE_MAP) {
> tpid = savedcmd->map_cmdline_to_pid[map];
> if (tpid == pid) {
> - strlcpy(comm, get_saved_cmdlines(map), TASK_COMM_LEN);
> + strscpy(comm, get_saved_cmdlines(map), TASK_COMM_LEN);
> return;
> }
> }
> diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c
> index 654ffa40457a..dc83a259915b 100644
> --- a/kernel/trace/trace_events.c
> +++ b/kernel/trace/trace_events.c
> @@ -2831,7 +2831,7 @@ static __init int setup_trace_triggers(char *str)
> char *buf;
> int i;
>
> - strlcpy(bootup_trigger_buf, str, COMMAND_LINE_SIZE);
> + strscpy(bootup_trigger_buf, str, COMMAND_LINE_SIZE);
> ring_buffer_expanded = true;
> disable_tracing_selftest("running event triggers");
>
> @@ -3621,7 +3621,7 @@ static char bootup_event_buf[COMMAND_LINE_SIZE] __initdata;
>
> static __init int setup_trace_event(char *str)
> {
> - strlcpy(bootup_event_buf, str, COMMAND_LINE_SIZE);
> + strscpy(bootup_event_buf, str, COMMAND_LINE_SIZE);
> ring_buffer_expanded = true;
> disable_tracing_selftest("running event tracing");
>
> diff --git a/kernel/trace/trace_events_inject.c b/kernel/trace/trace_events_inject.c
> index d6b4935a78c0..abe805d471eb 100644
> --- a/kernel/trace/trace_events_inject.c
> +++ b/kernel/trace/trace_events_inject.c
> @@ -217,7 +217,7 @@ static int parse_entry(char *str, struct trace_event_call *call, void **pentry)
> char *addr = (char *)(unsigned long) val;
>
> if (field->filter_type == FILTER_STATIC_STRING) {
> - strlcpy(entry + field->offset, addr, field->size);
> + strscpy(entry + field->offset, addr, field->size);
> } else if (field->filter_type == FILTER_DYN_STRING ||
> field->filter_type == FILTER_RDYN_STRING) {
> int str_len = strlen(addr) + 1;
> @@ -232,7 +232,7 @@ static int parse_entry(char *str, struct trace_event_call *call, void **pentry)
> }
> entry = *pentry;
>
> - strlcpy(entry + (entry_size - str_len), addr, str_len);
> + strscpy(entry + (entry_size - str_len), addr, str_len);
> str_item = (u32 *)(entry + field->offset);
> if (field->filter_type == FILTER_RDYN_STRING)
> str_loc -= field->offset + field->size;
> diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
> index 59cda19a9033..1b3fa7b854aa 100644
> --- a/kernel/trace/trace_kprobe.c
> +++ b/kernel/trace/trace_kprobe.c
> @@ -30,7 +30,7 @@ static char kprobe_boot_events_buf[COMMAND_LINE_SIZE] __initdata;
>
> static int __init set_kprobe_boot_events(char *str)
> {
> - strlcpy(kprobe_boot_events_buf, str, COMMAND_LINE_SIZE);
> + strscpy(kprobe_boot_events_buf, str, COMMAND_LINE_SIZE);
> disable_tracing_selftest("running kprobe events");
>
> return 1;
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index 2d2616678295..73055ba8d8ef 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -254,7 +254,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
> trace_probe_log_err(offset, GROUP_TOO_LONG);
> return -EINVAL;
> }
> - strlcpy(buf, event, slash - event + 1);
> + strscpy(buf, event, slash - event + 1);
> if (!is_good_system_name(buf)) {
> trace_probe_log_err(offset, BAD_GROUP_NAME);
> return -EINVAL;
> --
> 2.40.1.606.ga4b1b128d6-goog
>
>
--
Masami Hiramatsu (Google) <mhiramat@...nel.org>
Powered by blists - more mailing lists