From patchwork Mon Feb 18 23:23:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Tobin C. Harding" X-Patchwork-Id: 10818951 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 07E2413BF for ; Mon, 18 Feb 2019 23:24:58 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E8DF42BD84 for ; Mon, 18 Feb 2019 23:24:57 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DD0542BE65; Mon, 18 Feb 2019 23:24:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 1DF432BD84 for ; Mon, 18 Feb 2019 23:24:56 +0000 (UTC) Received: (qmail 28639 invoked by uid 550); 18 Feb 2019 23:24:30 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 28536 invoked from network); 18 Feb 2019 23:24:29 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=gQ2Czs+WwskYJcjsHIvDj3HILOy3Yi9CMACq5Mkjk6M=; b=s3SkqYzK qoYIQ+tXK2mW/fEbmxAeKKHiSiwVU30gDfQwFTycwqsktR4zjxTOAX2D7Ay9T5/0 DIumXjLBvx0VMPAQaprY3m9DKOP2zX02ZZyMVi0SknSzE+qFn+JC9kHsEZ3HrQKO o+No+KC0jl0qNVl4JRm0pu/xobIK1xbmORjdHMqEOyctnumbuwLVESyk0tyvHJG6 gBfuwFybx2ucLLI9bDhiP6HgDMdFZd5Dnu4vacSFs2lho433lxgo7wGr6hqiWugD G14ZqZxy6l92NNiY0PEaXsxPL6ak8iLeHr85LcHuuM4Wnoabm6vlT/7EFdtV21n9 xeEn0QaaPV2ziQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtddvgddtjeculddtuddrgedtledrtddtmd cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpedfvfhosghi nhcuvedrucfjrghrughinhhgfdcuoehtohgsihhnsehkvghrnhgvlhdrohhrgheqnecukf hppeduvddurdeggedrvddtvddrudeftdenucfrrghrrghmpehmrghilhhfrhhomhepthho sghinheskhgvrhhnvghlrdhorhhgnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: From: "Tobin C. Harding" To: Kees Cook Cc: "Tobin C. Harding" , Shuah Khan , Alexander Shishkin , Greg Kroah-Hartman , Andy Shevchenko , kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org Subject: [PATCH 5/6] lib: Fix function documentation for strncpy_from_user Date: Tue, 19 Feb 2019 10:23:07 +1100 Message-Id: <20190218232308.11241-6-tobin@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190218232308.11241-1-tobin@kernel.org> References: <20190218232308.11241-1-tobin@kernel.org> MIME-Version: 1.0 X-Virus-Scanned: ClamAV using ClamSMTP Current function documentation for strncpy_from_user() is incorrect. If @count (size of destination buffer) is less than the length of the user string the function does _not_ return @count but rather returns -EFAULT. Document correctly the function return value, also add note that string may be left non-null terminated. Signed-off-by: Tobin C. Harding --- lib/strncpy_from_user.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 58eacd41526c..11fe9a4a00fd 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -82,22 +82,19 @@ static inline long do_strncpy_from_user(char *dst, const char __user *src, long } /** - * strncpy_from_user: - Copy a NUL terminated string from userspace. + * strncpy_from_user() - Copy a NUL terminated string from userspace. * @dst: Destination address, in kernel space. This buffer must be at * least @count bytes long. * @src: Source address, in user space. - * @count: Maximum number of bytes to copy, including the trailing NUL. + * @count: Maximum number of bytes to copy, including the trailing %NUL. * * Copies a NUL-terminated string from userspace to kernel space. * - * On success, returns the length of the string (not including the trailing - * NUL). - * - * If access to userspace fails, returns -EFAULT (some data may have been - * copied). - * - * If @count is smaller than the length of the string, copies @count bytes - * and returns @count. + * Return: If access to userspace fails, returns -EFAULT. Otherwise, + * return the number of characters copied excluding the trailing + * %NUL, if the length of the user string exceeds @count return + * -EFAULT (in which case @dst will be left without a %NUL + * terminator). */ long strncpy_from_user(char *dst, const char __user *src, long count) {