From patchwork Wed Jan 10 23:54:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 187116 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:2411:b0:101:2151:f287 with SMTP id m17csp1125532dyi; Wed, 10 Jan 2024 15:55:03 -0800 (PST) X-Google-Smtp-Source: AGHT+IG1TqLisf/ssxyeC3GEXRl+HIHR8mgJjZU5YgXTBBwgJ+WUgNHQEM0FFNqYPBwwK3Vm8ypI X-Received: by 2002:a05:600c:54d2:b0:40e:4561:d7af with SMTP id iw18-20020a05600c54d200b0040e4561d7afmr50622wmb.286.1704930903016; Wed, 10 Jan 2024 15:55:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704930902; cv=none; d=google.com; s=arc-20160816; b=NhsM0WD125TjDDpH3S9dUdYKC6sPiESMSIsymhCqeYo9hSn2FRe0BTHH6mTvh5QWBX 7zz94wd3+Jxgz7oFyS3VJziHAtnY+XCmHKlIKjHmgwqZXSKlYHg7bHa4NnKU+GHPdgBx 3J7rJS3CR2BgPubzU8KLbVZ5EMV9IjJtWk/IgWZw+PDcvL/PYVcBM+b6p78r2WLFf2nB LrmWtB2TB3uVI4m+dDFhJ+1VaNCv2eCGm+c3IgUrreF0veWWTNxbwk7LFbywLq4gdUme syWl9GKry3HsiQ3vYiipE/7r/3f+6Enkn3PMsfYNZOj1B4JQvGyZ2wjz/I+uurZWML4G pAFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=AkKAC8fXGxgR2FZQIwvmp6S1WjGpbzgmWqhUZnPfRwc=; fh=No1FpU+3pq/bxcw/2YN62zcshT75sBGg91EREJJFWIk=; b=sMrJm9dZIsPigy0JbDh0lZOwjiq4GEz9Bc/bSn09Mp4bndoYB6UfSkLHSvOpDEswjq dXvPoDQq6b3Rdfq8tRI3v+OKh6gygFFFX+TxH3xV2bz9NSGXrxyo3lvgVD+mJxdiwkjV 0fanGDyULgUGmXmoe8vnGXHRQcFB1FHJJLYjLrwzisheJYnBM4sWNmMj9Wi6hfLexL9d psUlDcb0w/SvTnxo+bBKCcNmz2XlsKfN0K0yjUbQq4eq8txiFnYPJQPO/0araOGST0nW 47tWQFEybhSuawKJsQ/qL2LXc2k6suAHEAdh/JkOjmqBb7UCFB4kCObKOVJFEQXS3mZ9 EAWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="RyvDBMY/"; spf=pass (google.com: domain of linux-kernel+bounces-22897-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-22897-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id z16-20020a170906241000b00a26ab41d1afsi2182954eja.98.2024.01.10.15.55.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jan 2024 15:55:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-22897-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="RyvDBMY/"; spf=pass (google.com: domain of linux-kernel+bounces-22897-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-22897-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 97AEF1F22DEA for ; Wed, 10 Jan 2024 23:55:02 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 97F3650245; Wed, 10 Jan 2024 23:54:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="RyvDBMY/" Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 947314F8A6 for ; Wed, 10 Jan 2024 23:54:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1d4ba539f6cso43403835ad.3 for ; Wed, 10 Jan 2024 15:54:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1704930884; x=1705535684; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=AkKAC8fXGxgR2FZQIwvmp6S1WjGpbzgmWqhUZnPfRwc=; b=RyvDBMY/jaR5Wp09nb2N5/Y6fHOLvqZxwv5yppI8EguJ+RGHLLy6+oq2IDjJNOFipW JWWsl0up5rlg3WbbVXvyoxS8xU+UmmPO2VFU0ji7y8hqXQZAqh9UBpE0wy1esTaCC28F p6FhKbc/MfLUb4ualYSObzJLoIQc1iWgchV+w= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704930884; x=1705535684; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=AkKAC8fXGxgR2FZQIwvmp6S1WjGpbzgmWqhUZnPfRwc=; b=lTHMpVZolFn30bP487j4mcsbR3Wwo/SNg9sbJK1wpmUd+wF8Ktf6c25d6M1ZrFCIzB OuHwjILwdP8xffXuwifPxYTUgtKLgpAcD+NFyBZT/Zgs5/u3DP5PvuQFIxqn80mRBWmi im5gfGeVX+F0Pm7WLrXus/XTM7/gHCQ4DfmilkHIdZYFgwDJwQdwUaDhR3mtHG21LusW hCK3RGOC+Vkbw59bcpyvQlhsCqIT14e9dpaCMM+MvWens6T/xbCV0g8LSEWQyaDmnniC p+qZgG4S4Uigz/9AOEGTHZhi0u7mvqZx+bPG9yj5nOc70vg//QEM0zwDHYM1HchValh8 IoeA== X-Gm-Message-State: AOJu0YzLx18+J3DoPO4HxJt0O6nNLshB/b117gRQmHtgfhhwQJ5WKa5S DnkwmxQ062DHCvEDJlnqanCFi0jce5QB X-Received: by 2002:a17:902:6e17:b0:1d3:65b0:838a with SMTP id u23-20020a1709026e1700b001d365b0838amr326124plk.131.1704930883861; Wed, 10 Jan 2024 15:54:43 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id p20-20020a170903249400b001d4593a2e8fsm4225463plw.83.2024.01.10.15.54.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jan 2024 15:54:43 -0800 (PST) From: Kees Cook To: Kent Overstreet Cc: Kees Cook , Brian Foster , linux-bcachefs@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH] bcachefs: Replace strlcpy() with strscpy() Date: Wed, 10 Jan 2024 15:54:41 -0800 Message-Id: <20240110235438.work.385-kees@kernel.org> X-Mailer: git-send-email 2.34.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1461; i=keescook@chromium.org; h=from:subject:message-id; bh=ZyUK3B0CXfdfFsJKgLgvn82ykQEB6lsn8P9ShT8/n08=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBlny5BU7vXazzuAdCKg5WiEdS2gaGoj1/UONt+X dqqZTo1ZRuJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZZ8uQQAKCRCJcvTf3G3A JniiEAC0CyhVOy1fGNjm5zbSRWC8pSo7oJNyw/8tYneECk8XGjD5M0mGrj7HXUv7Yda4hN1I+Ih HMnGsgRl90reZO2GcX+izxss4Y5hbW3PZ5bUUyCSgvcZI9+RfRFx0OW/mNwSrsMpWDcF4tHqgkl UnMkMmQ6UuXQ+AJp7osJgGGv5LqsPfBEEGabjC9yyeIswHhZSZ99KYWE2B19Tp6sPRlBbDyY0Kx sW4PXnTHtqp5Sf1rD+1TB0+KqHNnJkQ0er8bDFV/Jpp3IwWvrQOk1EUSSj1r/VsA68nsbY7t6BX iFSueGdhIiOSkIqunSEfqIKd28DRS/r1AxzSZBMutIM4sgXMICE2LnkRAgHxuR12YBtXAUGV9Tn pF6LUaFmPU/jOukGZ8qLzWQPvQwd/2EpcHacu4vYzOVBNtEenUCZcZY+iHVx9fkFEJaVgA72Vs9 qNjvZbL2upPkg0uNX5GaUu5vxeGQcbrfciqNXQJ2si4bzmu7PFzLYE6dQqiBOC7kSVG2HMsArNR yH3OFyjV4ttsvWH5XQ55hL7KXwWrFz/QzNYBKAO3X6alGg5uQEXyrJ1j8BIFj1pnsap0ev+vi8X I1SW+nwykfPeYg7MjAwhc8ujJT/BwEt7T9RYx211jv0GaIG+HPcE29w8n2qxE87jFVdzoFdR0Wt 88e6v2J 1OG78piA== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1787749626104442586 X-GMAIL-MSGID: 1787749626104442586 strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated[1]. Additionally, it returns the size of the source string, not the resulting size of the destination string. In an effort to remove strlcpy() completely[2], replace strlcpy() here with strscpy(). Nothing checks the return value here, so a direct replacement with strspy() is possible. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [1] Link: https://github.com/KSPP/linux/issues/89 [2] Cc: Kent Overstreet Cc: Brian Foster Cc: linux-bcachefs@vger.kernel.org Signed-off-by: Kees Cook --- fs/bcachefs/super.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/bcachefs/super.c b/fs/bcachefs/super.c index 9dbc35940197..cefe52898e8e 100644 --- a/fs/bcachefs/super.c +++ b/fs/bcachefs/super.c @@ -1386,8 +1386,8 @@ static int bch2_dev_attach_bdev(struct bch_fs *c, struct bch_sb_handle *sb) prt_bdevname(&name, ca->disk_sb.bdev); if (c->sb.nr_devices == 1) - strlcpy(c->name, name.buf, sizeof(c->name)); - strlcpy(ca->name, name.buf, sizeof(ca->name)); + strscpy(c->name, name.buf, sizeof(c->name)); + strscpy(ca->name, name.buf, sizeof(ca->name)); printbuf_exit(&name);