| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Oct 2023 20:12:22 +0000
From: Justin Stitt <justinstitt@...gle.com>
To: Saurav Kashyap <skashyap@...vell.com>, Javed Hasan <jhasan@...vell.com>,
GR-QLogic-Storage-Upstream@...vell.com,
"James E.J. Bottomley" <jejb@...ux.ibm.com>, "Martin K. Petersen" <martin.petersen@...cle.com>
Cc: linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org, Justin Stitt <justinstitt@...gle.com>
Subject: [PATCH] scsi: bnx2fc: replace deprecated strncpy with strscpy
strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.
We expect hba->chip_num to be NUL-terminated based on its usage with
format strings:
snprintf(fc_host_symbolic_name(lport->host), 256,
"%s (QLogic %s) v%s over %s",
BNX2FC_NAME, hba->chip_num, BNX2FC_VERSION,
interface->netdev->name);
Moreover, NUL-padding is not required as hba is zero-allocated from its
callsite:
hba = kzalloc(sizeof(*hba), GFP_KERNEL);
Considering the above, a suitable replacement is `strscpy` [2] due to
the fact that it guarantees NUL-termination on the destination buffer
without unnecessarily NUL-padding.
Regarding stats_addr->version, I've opted to also use strscpy() instead
of strscpy_pad() as I typically see these XYZ_get_strings() pass
zero-allocated data. I couldn't track all of where
bnx2fc_ulp_get_stats() is used and if required, we could opt for
strscpy_pad().
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@...r.kernel.org
Signed-off-by: Justin Stitt <justinstitt@...gle.com>
---
Note: build-tested only.
Found with: $ rg "strncpy\("
---
drivers/scsi/bnx2fc/bnx2fc_fcoe.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/drivers/scsi/bnx2fc/bnx2fc_fcoe.c b/drivers/scsi/bnx2fc/bnx2fc_fcoe.c
index 05ddbb9bb7d8..3ebfb09329ad 100644
--- a/drivers/scsi/bnx2fc/bnx2fc_fcoe.c
+++ b/drivers/scsi/bnx2fc/bnx2fc_fcoe.c
@@ -1737,32 +1737,32 @@ static int bnx2fc_bind_pcidev(struct bnx2fc_hba *hba)
switch (pdev->device) {
case PCI_DEVICE_ID_NX2_57710:
- strncpy(hba->chip_num, "BCM57710", BCM_CHIP_LEN);
+ strscpy(hba->chip_num, "BCM57710", sizeof(hba->chip_num));
break;
case PCI_DEVICE_ID_NX2_57711:
- strncpy(hba->chip_num, "BCM57711", BCM_CHIP_LEN);
+ strscpy(hba->chip_num, "BCM57711", sizeof(hba->chip_num));
break;
case PCI_DEVICE_ID_NX2_57712:
case PCI_DEVICE_ID_NX2_57712_MF:
case PCI_DEVICE_ID_NX2_57712_VF:
- strncpy(hba->chip_num, "BCM57712", BCM_CHIP_LEN);
+ strscpy(hba->chip_num, "BCM57712", sizeof(hba->chip_num));
break;
case PCI_DEVICE_ID_NX2_57800:
case PCI_DEVICE_ID_NX2_57800_MF:
case PCI_DEVICE_ID_NX2_57800_VF:
- strncpy(hba->chip_num, "BCM57800", BCM_CHIP_LEN);
+ strscpy(hba->chip_num, "BCM57800", sizeof(hba->chip_num));
break;
case PCI_DEVICE_ID_NX2_57810:
case PCI_DEVICE_ID_NX2_57810_MF:
case PCI_DEVICE_ID_NX2_57810_VF:
- strncpy(hba->chip_num, "BCM57810", BCM_CHIP_LEN);
+ strscpy(hba->chip_num, "BCM57810", sizeof(hba->chip_num));
break;
case PCI_DEVICE_ID_NX2_57840:
case PCI_DEVICE_ID_NX2_57840_MF:
case PCI_DEVICE_ID_NX2_57840_VF:
case PCI_DEVICE_ID_NX2_57840_2_20:
case PCI_DEVICE_ID_NX2_57840_4_10:
- strncpy(hba->chip_num, "BCM57840", BCM_CHIP_LEN);
+ strscpy(hba->chip_num, "BCM57840", sizeof(hba->chip_num));
break;
default:
pr_err(PFX "Unknown device id 0x%x\n", pdev->device);
@@ -1800,7 +1800,7 @@ static int bnx2fc_ulp_get_stats(void *handle)
if (!stats_addr)
return -EINVAL;
- strncpy(stats_addr->version, BNX2FC_VERSION,
+ strscpy(stats_addr->version, BNX2FC_VERSION,
sizeof(stats_addr->version));
stats_addr->txq_size = BNX2FC_SQ_WQES_MAX;
stats_addr->rxq_size = BNX2FC_CQ_WQES_MAX;
---
base-commit: 9c5d00cb7b6bbc5a7965d9ab7d223b5402d1f02c
change-id: 20231023-strncpy-drivers-scsi-bnx2fc-bnx2fc_fcoe-c-f24335846e35
Best regards,
--
Justin Stitt <justinstitt@...gle.com>
Powered by blists - more mailing lists