| Message ID | 202301091939219689840@zte.com.cn |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp2105535wrt;
Mon, 9 Jan 2023 03:42:19 -0800 (PST)
X-Google-Smtp-Source:
AMrXdXtdxJ62VrB6Ro+aqxaigJozfDPGWFBoy1P/XuFGkO4n9CL5r3CMPAid8TqJ9vNcspJnTdJj
X-Received: by 2002:a05:6a20:e613:b0:ad:aaac:d3fe with SMTP id
my19-20020a056a20e61300b000adaaacd3femr63283534pzb.47.1673264538933;
Mon, 09 Jan 2023 03:42:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673264538; cv=none;
d=google.com; s=arc-20160816;
b=sHndA33fc9otEpfprAZZyJWdexIbtC8U6m7dkxTnc7rw+7WNpi7MG7R9hXlcHNMjF4
5mpULAECrS6QbsSVLjUQrVYuLIi5SOO482ckcCOLnpGIDDUw0NoWF6iIVxFtWnlad4Hv
D0h/RrRahEqvjjTqoOEkjiO5eIQEEpa2dHZAiq0KuxP47wHQZSPYBe5NOCC19M8qcOUr
Ekb108g6JCcNkaMSbmIBFOWrFHrPlHsAyHUYj+4CDjbywnjX6GLvpYMh3BDoAfMmJmZZ
QUi148XWAx+0mfdR5/C93+6dvFK9XFudlvptJ6C7SlLj4hhfqXsJ0I1MowFGkpd0frto
gLjA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:subject:cc:to:from:mime-version:message-id:date;
bh=rEF7Kk2WneQ/Ydsa6KPON2bh43jOH0ETD+QqYz01gTM=;
b=u92haftkMej0GPVbNoFrLvu5AGDxNUunBuz4hozLFkPgF1t0mAnLEnfrrHqFDy0QAU
w9E35EPs/PlC0bTHxhehvNmxDyKq+BntnSPSZPrRMT8IERLHUH9P7h/192DS33zLNFPG
82tvry7DM9LT862JCxXd6+7tQjr3vdDsjKAB0TTn+gEZfuwyTkxY9wJ3JLRwGyiwDmtV
oYcsPFEXXu0hBFwN5LtrynSBlk/gAPLezWJBaIjXoLKCs8yuQJAN5NPm6kllYsmN6E3f
qujuG2aCi0WS/aJwy4tp+yXZTsbDE1qxpJTIHtoOf5fyrb614n/1ZFHqsMeVv0kXWgJY
Eh7Q==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zte.com.cn
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
e33-20020a635461000000b00477b463b049si3344382pgm.491.2023.01.09.03.42.05;
Mon, 09 Jan 2023 03:42:18 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zte.com.cn
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S233085AbjAILj6 (ORCPT <rfc822;zhanglyra.2023@gmail.com>
+ 99 others); Mon, 9 Jan 2023 06:39:58 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55094 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S236687AbjAILj2 (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 9 Jan 2023 06:39:28 -0500
Received: from mxhk.zte.com.cn (mxhk.zte.com.cn [63.216.63.40])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C115CB71;
Mon, 9 Jan 2023 03:39:25 -0800 (PST)
Received: from mse-fl1.zte.com.cn (unknown [10.5.228.132])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by mxhk.zte.com.cn (FangMail) with ESMTPS id 4NrBmr3DPZz8R03d;
Mon, 9 Jan 2023 19:39:24 +0800 (CST)
Received: from szxlzmapp01.zte.com.cn ([10.5.231.85])
by mse-fl1.zte.com.cn with SMTP id 309BdI4g088435;
Mon, 9 Jan 2023 19:39:18 +0800 (+08)
(envelope-from yang.yang29@zte.com.cn)
Received: from mapi (szxlzmapp01[null])
by mapi (Zmail) with MAPI id mid14;
Mon, 9 Jan 2023 19:39:21 +0800 (CST)
Date: Mon, 9 Jan 2023 19:39:21 +0800 (CST)
X-Zmail-TransId: 2b0363bbfce9ffffffffb25ceaed
X-Mailer: Zmail v1.0
Message-ID: <202301091939219689840@zte.com.cn>
Mime-Version: 1.0
From: <yang.yang29@zte.com.cn>
To: <rostedt@goodmis.org>
Cc: <mhiramat@kernel.org>, <linux-kernel@vger.kernel.org>,
<linux-trace-kernel@vger.kernel.org>, <xu.panda@zte.com.cn>,
<yang.yang29@zte.com.cn>
Subject: =?utf-8?q?=5BPATCH_linux-next=5D_tracing=3A_use_strscpy=28=29_to_in?=
=?utf-8?q?stead_of_strncpy=28=29?=
Content-Type: text/plain;
charset="UTF-8"
X-MAIL: mse-fl1.zte.com.cn 309BdI4g088435
X-Fangmail-Gw-Spam-Type: 0
X-FangMail-Miltered: at cgslv5.04-192.168.250.137.novalocal with ID
63BBFCEC.000 by FangMail milter!
X-FangMail-Envelope:
1673264364/4NrBmr3DPZz8R03d/63BBFCEC.000/10.5.228.132/[10.5.228.132]/mse-fl1.zte.com.cn/<yang.yang29@zte.com.cn>
X-Fangmail-Anti-Spam-Filtered: true
X-Fangmail-MID-QID: 63BBFCEC.000/4NrBmr3DPZz8R03d
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H2,
SPF_HELO_NONE,SPF_PASS,UNPARSEABLE_RELAY autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1754545036910801049?=
X-GMAIL-MSGID: =?utf-8?q?1754545036910801049?=
|
| Series |
[linux-next] tracing: use strscpy() to instead of strncpy()
|
|
Commit Message
Yang Yang
Jan. 9, 2023, 11:39 a.m. UTC
From: Xu Panda <xu.panda@zte.com.cn> The implementation of strscpy() is more robust and safer. That's now the recommended way to copy NUL-terminated strings. Signed-off-by: Xu Panda <xu.panda@zte.com.cn> Signed-off-by: Yang Yang <yang.yang29@zte.com.cn> --- kernel/trace/trace_events_synth.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
Comments
On Mon, 9 Jan 2023 19:39:21 +0800 (CST) <yang.yang29@zte.com.cn> wrote: > From: Xu Panda <xu.panda@zte.com.cn> > > The implementation of strscpy() is more robust and safer. > That's now the recommended way to copy NUL-terminated strings. This looks good to me. Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org> Thank you, > > Signed-off-by: Xu Panda <xu.panda@zte.com.cn> > Signed-off-by: Yang Yang <yang.yang29@zte.com.cn> > --- > kernel/trace/trace_events_synth.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/kernel/trace/trace_events_synth.c b/kernel/trace/trace_events_synth.c > index 67592eed0be8..cd636edd045e 100644 > --- a/kernel/trace/trace_events_synth.c > +++ b/kernel/trace/trace_events_synth.c > @@ -195,8 +195,7 @@ static int synth_field_string_size(char *type) > if (len == 0) > return 0; /* variable-length string */ > > - strncpy(buf, start, len); > - buf[len] = '\0'; > + strscpy(buf, start, len + 1); > > err = kstrtouint(buf, 0, &size); > if (err) > -- > 2.15.2
On Mon, 9 Jan 2023 19:39:21 +0800 (CST) <yang.yang29@zte.com.cn> wrote: > From: Xu Panda <xu.panda@zte.com.cn> > > The implementation of strscpy() is more robust and safer. > That's now the recommended way to copy NUL-terminated strings. But the string being copied is *not* NUL-terminated! And this change causes a bug. This is the 3rd patch I've seen that blindly converts strncpy() to strscpy() and causes a bug in doing so. Not very safe if you ask me. > > Signed-off-by: Xu Panda <xu.panda@zte.com.cn> > Signed-off-by: Yang Yang <yang.yang29@zte.com.cn> > --- > kernel/trace/trace_events_synth.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/kernel/trace/trace_events_synth.c b/kernel/trace/trace_events_synth.c > index 67592eed0be8..cd636edd045e 100644 > --- a/kernel/trace/trace_events_synth.c > +++ b/kernel/trace/trace_events_synth.c > @@ -195,8 +195,7 @@ static int synth_field_string_size(char *type) > if (len == 0) > return 0; /* variable-length string */ > > - strncpy(buf, start, len); > - buf[len] = '\0'; > + strscpy(buf, start, len + 1); > > err = kstrtouint(buf, 0, &size); > if (err) Here's the code being affected: static int synth_field_string_size(char *type) { char buf[4], *end, *start; unsigned int len; int size, err; start = strstr(type, "char["); if (start == NULL) return -EINVAL; start += sizeof("char[") - 1; end = strchr(type, ']'); if (!end || end < start || type + strlen(type) > end + 1) return -EINVAL; len = end - start; if (len > 3) return -EINVAL; if (len == 0) return 0; /* variable-length string */ strncpy(buf, start, len); buf[len] = '\0'; And you are replacing the above two lines with just: strscpy(buf, start, len + 1); If you noticed, the string being placed into buf is: "char[123]" Where we want to copy that "123" into buf. strscpy() expects the source to be nul terminated, or it will return -E2BIG. So the above will *always* return -E2BIG *and* not end buf[] with '\0' as if strscpy() returns -E2BIG, then buf[] is not guaranteed to be NUL-terminated. NACK! -- Steve
diff --git a/kernel/trace/trace_events_synth.c b/kernel/trace/trace_events_synth.c index 67592eed0be8..cd636edd045e 100644 --- a/kernel/trace/trace_events_synth.c +++ b/kernel/trace/trace_events_synth.c @@ -195,8 +195,7 @@ static int synth_field_string_size(char *type) if (len == 0) return 0; /* variable-length string */ - strncpy(buf, start, len); - buf[len] = '\0'; + strscpy(buf, start, len + 1); err = kstrtouint(buf, 0, &size); if (err)