| Message ID | b51141d12de77eb22101e81f9eb2c9cc44104d7a.1562283944.git.joe@perches.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | treewide: correct misuses of strscpy/strlcpy | expand |
On Thu, Jul 04, 2019 at 04:57:48PM -0700, Joe Perches wrote: > Probable cut&paste typo - use the correct field size. Huh, that's been there forever, I wonder why we haven't seen crashes? Oh, I see, name and authname both have the same size. Anyway, makes sense, thanks. Will apply for 5.3. (Unless someone else is getting this; I didn't get copied on the rest of the series.) --b. > > Signed-off-by: Joe Perches <joe@perches.com> > --- > fs/nfsd/nfs4idmap.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/nfsd/nfs4idmap.c b/fs/nfsd/nfs4idmap.c > index 2961016097ac..d1f285245af8 100644 > --- a/fs/nfsd/nfs4idmap.c > +++ b/fs/nfsd/nfs4idmap.c > @@ -83,7 +83,7 @@ ent_init(struct cache_head *cnew, struct cache_head *citm) > new->type = itm->type; > > strlcpy(new->name, itm->name, sizeof(new->name)); > - strlcpy(new->authname, itm->authname, sizeof(new->name)); > + strlcpy(new->authname, itm->authname, sizeof(new->authname)); > } > > static void > -- > 2.15.0
On Mon, 2019-07-08 at 23:14 -0400, J. Bruce Fields wrote: > On Thu, Jul 04, 2019 at 04:57:48PM -0700, Joe Perches wrote: > > Probable cut&paste typo - use the correct field size. > > Huh, that's been there forever, I wonder why we haven't seen crashes? > Oh, I see, name and authname both have the same size. > > Anyway, makes sense, thanks. Will apply for 5.3. > > (Unless someone else is getting this; I didn't get copied on the rest of > the series.) It's generally hard to cc everyone on treewide fixes like this. There's no good mechanism I know of. vger mailing lists reject emails with too many addressees. Do you have an opinion on adding the stracpy macro which could avoid many of these defects? --- include/linux/string.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/include/linux/string.h b/include/linux/string.h index 4deb11f7976b..ef01bd6f19df 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -35,6 +35,22 @@ ssize_t strscpy(char *, const char *, size_t); /* Wraps calls to strscpy()/memset(), no arch specific code required */ ssize_t strscpy_pad(char *dest, const char *src, size_t count); +#define stracpy(to, from) \ +({ \ + size_t size = ARRAY_SIZE(to); \ + BUILD_BUG_ON(!__same_type(typeof(*to), char)); \ + \ + strscpy(to, from, size); \ +}) + +#define stracpy_pad(to, from) \ +({ \ + size_t size = ARRAY_SIZE(to); \ + BUILD_BUG_ON(!__same_type(typeof(*to), char)); \ + \ + strscpy_pad(to, from, size); \ +}) + #ifndef __HAVE_ARCH_STRCAT extern char * strcat(char *, const char *); #endif
On Mon, Jul 08, 2019 at 10:40:50PM -0700, Joe Perches wrote: > On Mon, 2019-07-08 at 23:14 -0400, J. Bruce Fields wrote: > > On Thu, Jul 04, 2019 at 04:57:48PM -0700, Joe Perches wrote: > > > Probable cut&paste typo - use the correct field size. > > > > Huh, that's been there forever, I wonder why we haven't seen crashes? > > Oh, I see, name and authname both have the same size. > > > > Anyway, makes sense, thanks. Will apply for 5.3. > > > > (Unless someone else is getting this; I didn't get copied on the rest of > > the series.) > > It's generally hard to cc everyone on treewide fixes like this. > > There's no good mechanism I know of. > vger mailing lists reject emails with too many addressees. Yeah. I guess what I don't understand is why this patch is part of a series at all. It makes me wonder if there's some dependency I missed or if the 0/8 mail actually asked somebody else to apply it. Whatever, I guess I'm being silly, it clearly stands alone. Applying for 5.3. > Do you have an opinion on adding the stracpy macro which > could avoid many of these defects? I don't have an opinion. --b. > --- > include/linux/string.h | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > > diff --git a/include/linux/string.h b/include/linux/string.h > index 4deb11f7976b..ef01bd6f19df 100644 > --- a/include/linux/string.h > +++ b/include/linux/string.h > @@ -35,6 +35,22 @@ ssize_t strscpy(char *, const char *, size_t); > /* Wraps calls to strscpy()/memset(), no arch specific code required */ > ssize_t strscpy_pad(char *dest, const char *src, size_t count); > > +#define stracpy(to, from) \ > +({ \ > + size_t size = ARRAY_SIZE(to); \ > + BUILD_BUG_ON(!__same_type(typeof(*to), char)); \ > + \ > + strscpy(to, from, size); \ > +}) > + > +#define stracpy_pad(to, from) \ > +({ \ > + size_t size = ARRAY_SIZE(to); \ > + BUILD_BUG_ON(!__same_type(typeof(*to), char)); \ > + \ > + strscpy_pad(to, from, size); \ > +}) > + > #ifndef __HAVE_ARCH_STRCAT > extern char * strcat(char *, const char *); > #endif > >
diff --git a/fs/nfsd/nfs4idmap.c b/fs/nfsd/nfs4idmap.c index 2961016097ac..d1f285245af8 100644 --- a/fs/nfsd/nfs4idmap.c +++ b/fs/nfsd/nfs4idmap.c @@ -83,7 +83,7 @@ ent_init(struct cache_head *cnew, struct cache_head *citm) new->type = itm->type; strlcpy(new->name, itm->name, sizeof(new->name)); - strlcpy(new->authname, itm->authname, sizeof(new->name)); + strlcpy(new->authname, itm->authname, sizeof(new->authname)); } static void
Probable cut&paste typo - use the correct field size. Signed-off-by: Joe Perches <joe@perches.com> --- fs/nfsd/nfs4idmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)