Message ID | 20230726215957.never.619-kees@kernel.org (mailing list archive) |
---|---|
State | Mainlined |
Commit | 630fdd592912614a72d00026fdadad72d9ef62eb |
Headers | show |
Series | seq_file: seq_show_option_n() is used for precise sizes | expand |
On Wed, Jul 26, 2023 at 02:59:57PM -0700, Kees Cook wrote: > When seq_show_option_n() is used, it is for non-string memory that > happens to be printable bytes. As such, we must use memcpy() to copy the > bytes and then explicitly NUL-terminate the result. FWIW, Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> > Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com> > Cc: Andrew Morton <akpm@linux-foundation.org> > Cc: Al Viro <viro@zeniv.linux.org.uk> > Cc: Muchun Song <muchun.song@linux.dev> > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > include/linux/seq_file.h | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h > index bd023dd38ae6..386ab580b839 100644 > --- a/include/linux/seq_file.h > +++ b/include/linux/seq_file.h > @@ -249,18 +249,19 @@ static inline void seq_show_option(struct seq_file *m, const char *name, > > /** > * seq_show_option_n - display mount options with appropriate escapes > - * where @value must be a specific length. > + * where @value must be a specific length (i.e. > + * not NUL-terminated). > * @m: the seq_file handle > * @name: the mount option name > * @value: the mount option name's value, cannot be NULL > - * @length: the length of @value to display > + * @length: the exact length of @value to display, must be constant expression > * > * This is a macro since this uses "length" to define the size of the > * stack buffer. > */ > #define seq_show_option_n(m, name, value, length) { \ > char val_buf[length + 1]; \ > - strncpy(val_buf, value, length); \ > + memcpy(val_buf, value, length); \ > val_buf[length] = '\0'; \ > seq_show_option(m, name, val_buf); \ > } > -- > 2.34.1 >
On Wed, 26 Jul 2023 14:59:57 -0700, Kees Cook wrote: > When seq_show_option_n() is used, it is for non-string memory that > happens to be printable bytes. As such, we must use memcpy() to copy the > bytes and then explicitly NUL-terminate the result. > > Applied, thanks! [1/1] seq_file: seq_show_option_n() is used for precise sizes https://git.kernel.org/kees/c/630fdd592912 Best regards,
diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h index bd023dd38ae6..386ab580b839 100644 --- a/include/linux/seq_file.h +++ b/include/linux/seq_file.h @@ -249,18 +249,19 @@ static inline void seq_show_option(struct seq_file *m, const char *name, /** * seq_show_option_n - display mount options with appropriate escapes - * where @value must be a specific length. + * where @value must be a specific length (i.e. + * not NUL-terminated). * @m: the seq_file handle * @name: the mount option name * @value: the mount option name's value, cannot be NULL - * @length: the length of @value to display + * @length: the exact length of @value to display, must be constant expression * * This is a macro since this uses "length" to define the size of the * stack buffer. */ #define seq_show_option_n(m, name, value, length) { \ char val_buf[length + 1]; \ - strncpy(val_buf, value, length); \ + memcpy(val_buf, value, length); \ val_buf[length] = '\0'; \ seq_show_option(m, name, val_buf); \ }
When seq_show_option_n() is used, it is for non-string memory that happens to be printable bytes. As such, we must use memcpy() to copy the bytes and then explicitly NUL-terminate the result. Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Muchun Song <muchun.song@linux.dev> Signed-off-by: Kees Cook <keescook@chromium.org> --- include/linux/seq_file.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-)