| Message ID | 20221103113021.3271-1-Jason@zx2c4.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp469834wru;
Thu, 3 Nov 2022 04:32:56 -0700 (PDT)
X-Google-Smtp-Source:
AMsMyM7unlAmgPycldVS91LPfmhTXYk1cNw6c8skWEmthWDtkue+woJE8H0zMz/iHT9l8PBlmW1X
X-Received: by 2002:a17:90b:4d82:b0:214:1066:921c with SMTP id
oj2-20020a17090b4d8200b002141066921cmr14223195pjb.230.1667475175895;
Thu, 03 Nov 2022 04:32:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1667475175; cv=none;
d=google.com; s=arc-20160816;
b=ihRBNCX+1ec5JHpgVFgvcA6brffdfDbonmD5pMUQ9omWIEs7B+9EheQXIFr4BozvUJ
hGyrtrb+LSTXlRRMgHfIUhEECZkk2oOQLTsOl3mr2QEGQIO+Vn0ZiD6j0MZIsgM4yVat
UwFZZLkxW04NtGCufosIUUFn1Cr/TvUkxNu+X8ofthVxnPgstnGkymxEy0xm9TS5Om0I
BglzCofTHYdObJ+v6OMIjfINYVuyn4aOmEJfCgE48NShWYw6yETiD1HSZtEXvOd52fza
Wp47I3TMJpbXv7ablGDBP/+m5dCxpGACqWvLpFGlCuSERoLNIof6O4AtBVdWmNq+hk+N
sDqg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature;
bh=7/f6o/OYDOQ7Q6RyE0PpCRk4Xe1H3AuP3tWnYOWByfg=;
b=dLvWmfckL0XACpB+iBVd7YQ2jDZXbfa7GTO9PUireVffrj7zr0lmODqIe5MJYpNdnK
sHDZJ8kOZM5u2GuQwBBsYm4hn8LQkPdJ/wZo8XL8OXyv9+OAHeW1S3gqbp+xIv7m9QYE
w+6MdZxGrfjnfulxP6XKWosCKqAy7awNVR5hBIzfRyLvljrT1UAW571dYYuw9oV8TwIN
EWnQIF3YGlHcgbjYy3hOw1ATf0zumb03rq+eqRuMKERmdjKAJ9psdh+U9lZx9Nod3zTs
VSQePV8ZyITHEjznfwfbJ7yx7Ooci73HkMXRL16Thu6czcv6q8jx2NCw05lObQMpYN5j
2Xqg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="U/4SZCYC";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
n2-20020a1709026a8200b00176e85e5ceasi408394plk.405.2022.11.03.04.32.40;
Thu, 03 Nov 2022 04:32:55 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="U/4SZCYC";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230329AbiKCLan (ORCPT <rfc822;yves.mi.zy@gmail.com> + 99 others);
Thu, 3 Nov 2022 07:30:43 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44572 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230165AbiKCLal (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 3 Nov 2022 07:30:41 -0400
Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA92C11A19;
Thu, 3 Nov 2022 04:30:37 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sin.source.kernel.org (Postfix) with ESMTPS id 65A42CE257D;
Thu, 3 Nov 2022 11:30:36 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 379EEC433C1;
Thu, 3 Nov 2022 11:30:34 +0000 (UTC)
Authentication-Results: smtp.kernel.org;
dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com
header.b="U/4SZCYC"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105;
t=1667475031;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=7/f6o/OYDOQ7Q6RyE0PpCRk4Xe1H3AuP3tWnYOWByfg=;
b=U/4SZCYCZvDqix+wIfum5CLK1MUA0V56pTQQQJAsVBiJvVG2Brr/3lUiUrzq0HQg3mP8Jy
DrfmTWK9yt3w2qmDr3qnWeKNp0kwIQ3W/TyWMc3f/0qqXGJZD01jXP0yzuQk+c24zuTdJ0
VfYDtW0FEra3VizP/cmNrokhL2w2xXU=
Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 1665c81f
(TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO);
Thu, 3 Nov 2022 11:30:31 +0000 (UTC)
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
krisman@collabora.com, jirislaby@kernel.org
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>, stable@vger.kernel.org
Subject: [PATCH v2] unicode: don't write -1 after NUL terminator
Date: Thu, 3 Nov 2022 12:30:21 +0100
Message-Id: <20221103113021.3271-1-Jason@zx2c4.com>
In-Reply-To: <79db9616-a2ee-9a1a-9a35-b82f65b6d15e@kernel.org>
References: <79db9616-a2ee-9a1a-9a35-b82f65b6d15e@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1748474449983539099?=
X-GMAIL-MSGID: =?utf-8?q?1748474449983539099?=
|
| Series |
[v2] unicode: don't write -1 after NUL terminator
|
|
Commit Message
Jason A. Donenfeld
Nov. 3, 2022, 11:30 a.m. UTC
If the intention is to overwrite the first NUL with a -1, s[strlen(s)]
is the first NUL, not s[strlen(s)+1].
Cc: Gabriel Krisman Bertazi <krisman@collabora.com>
Cc: stable@vger.kernel.org
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
fs/unicode/mkutf8data.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
"Jason A. Donenfeld" <Jason@zx2c4.com> writes: > If the intention is to overwrite the first NUL with a -1, s[strlen(s)] > is the first NUL, not s[strlen(s)+1]. Hi Jason, This code is part of the verification of the trie that done at the end of utf8data generation. It is making sure the tree is not corrupted, by ensuring that utf8byte doesn't see something past the correct end of the string (the first NULL byte). Note it is not a bad memory access either, since we guarantee to have allocated enough space. So I think the code is correct as is. if you apply your patch and regenerate utf8data.h_shipped, utf8byte will reach that -1 and fail the verification. > Cc: Gabriel Krisman Bertazi <krisman@collabora.com> > Cc: stable@vger.kernel.org > Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> > --- > fs/unicode/mkutf8data.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/unicode/mkutf8data.c b/fs/unicode/mkutf8data.c > index bc1a7c8b5c8d..61800e0d3226 100644 > --- a/fs/unicode/mkutf8data.c > +++ b/fs/unicode/mkutf8data.c > @@ -3194,7 +3194,7 @@ static int normalize_line(struct tree *tree) > /* Second test: length-limited string. */ > s = buf2; > /* Replace NUL with a value that will cause an error if seen. */ > - s[strlen(s) + 1] = -1; > + s[strlen(s)] = -1; > t = buf3; > if (utf8cursor(&u8c, tree, s)) > return -1;
Hi Gabriel, On Mon, Nov 07, 2022 at 09:45:25AM -0500, Gabriel Krisman Bertazi wrote: > "Jason A. Donenfeld" <Jason@zx2c4.com> writes: > > > If the intention is to overwrite the first NUL with a -1, s[strlen(s)] > > is the first NUL, not s[strlen(s)+1]. > > Hi Jason, > > This code is part of the verification of the trie that done at the end > of utf8data generation. It is making sure the tree is not corrupted, by > ensuring that utf8byte doesn't see something past the correct end of the > string (the first NULL byte). Note it is not a bad memory access > either, since we guarantee to have allocated enough space. > > So I think the code is correct as is. if you apply your patch and > regenerate utf8data.h_shipped, utf8byte will reach that -1 and fail the > verification. Ah, okay. "Replace NUL" would seem to be wrong/confusing comment text I suppose. Thanks for the explanation anyhow, and sorry for the noise. Jason > > > Cc: Gabriel Krisman Bertazi <krisman@collabora.com> > > Cc: stable@vger.kernel.org > > Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> > > --- > > fs/unicode/mkutf8data.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/fs/unicode/mkutf8data.c b/fs/unicode/mkutf8data.c > > index bc1a7c8b5c8d..61800e0d3226 100644 > > --- a/fs/unicode/mkutf8data.c > > +++ b/fs/unicode/mkutf8data.c > > @@ -3194,7 +3194,7 @@ static int normalize_line(struct tree *tree) > > /* Second test: length-limited string. */ > > s = buf2; > > /* Replace NUL with a value that will cause an error if seen. */ > > - s[strlen(s) + 1] = -1; > > + s[strlen(s)] = -1; > > t = buf3; > > if (utf8cursor(&u8c, tree, s)) > > return -1; > > -- > Gabriel Krisman Bertazi
diff --git a/fs/unicode/mkutf8data.c b/fs/unicode/mkutf8data.c index bc1a7c8b5c8d..61800e0d3226 100644 --- a/fs/unicode/mkutf8data.c +++ b/fs/unicode/mkutf8data.c @@ -3194,7 +3194,7 @@ static int normalize_line(struct tree *tree) /* Second test: length-limited string. */ s = buf2; /* Replace NUL with a value that will cause an error if seen. */ - s[strlen(s) + 1] = -1; + s[strlen(s)] = -1; t = buf3; if (utf8cursor(&u8c, tree, s)) return -1;