From patchwork Fri Feb 19 08:40:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Palash Oswal X-Patchwork-Id: 12094831 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-20.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5D8FFC433DB for ; Fri, 19 Feb 2021 08:49:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1690964EB8 for ; Fri, 19 Feb 2021 08:49:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229639AbhBSIt2 (ORCPT ); Fri, 19 Feb 2021 03:49:28 -0500 Received: from us2-ob3-3.mailhostbox.com ([208.91.199.218]:44415 "EHLO us2-ob3-3.mailhostbox.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229587AbhBSItY (ORCPT ); Fri, 19 Feb 2021 03:49:24 -0500 X-Greylist: delayed 464 seconds by postgrey-1.27 at vger.kernel.org; Fri, 19 Feb 2021 03:49:23 EST Received: from g3.oswalpalash.com (unknown [49.36.75.42]) (Authenticated sender: hello@oswalpalash.com) by us2.outbound.mailhostbox.com (Postfix) with ESMTPA id 18B5ED7950; Fri, 19 Feb 2021 08:40:47 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oswalpalash.com; s=20160715; t=1613724058; bh=w/MXL5PWmCp6/RiRm7vqAcjP+5e8CSmCtNdJkAowHAs=; h=Date:From:To:Subject; b=RUooY/WU58HYaVw2VLZRyGk0gPGIrnWEfh9vecP0GJ+iMAauzMJd/Q8hpLq0a0Wlz RGpymqgRDQqRhd7eLkq2GaGLQsfkaM4hbR6nVBpiAZAWYjbWbV0wMLrLedgt8IAiJS sbxFTnoOpYWp1Egb+dt0czPbuHun3PLDivZl6lsA= Date: Fri, 19 Feb 2021 14:10:38 +0530 From: Palash Oswal To: Mimi Zohar , Dmitry Kasatkin , James Morris , "Serge E. Hallyn" , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] ima: Replacing deprecated strlcpy with strscpy Message-ID: <20210219084038.GA7564@g3.oswalpalash.com> MIME-Version: 1.0 Content-Disposition: inline X-CMAE-Score: 0 X-CMAE-Analysis: v=2.3 cv=R5t95uZX c=1 sm=1 tr=0 a=CHsQ1LQruS7B59iI9LpjmQ==:117 a=CHsQ1LQruS7B59iI9LpjmQ==:17 a=kj9zAlcOel0A:10 a=xUbBMDKt3BKPAhSvupEA:9 a=CjuIK1q_8ugA:10 Precedence: bulk List-ID: The strlcpy() function is unsafe in that the source buffer length is unbounded or possibly be non NULL terminated. This can cause memory over-reads, crashes, etc. Link: https://github.com/KSPP/linux/issues/89 Signed-off-by: Palash Oswal --- security/integrity/ima/ima_api.c | 2 +- security/integrity/ima/ima_policy.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) base-commit: f6692213b5045dc461ce0858fb18cf46f328c202 diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index 1dd70dc68ffd..2f3b8257181d 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -399,7 +399,7 @@ const char *ima_d_path(const struct path *path, char **pathbuf, char *namebuf) } if (!pathname) { - strlcpy(namebuf, path->dentry->d_name.name, NAME_MAX); + strscpy(namebuf, path->dentry->d_name.name, NAME_MAX); pathname = namebuf; } diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 9b45d064a87d..010839aef6ba 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -791,7 +791,7 @@ static int __init ima_init_arch_policy(void) char rule[255]; int result; - result = strlcpy(rule, *rules, sizeof(rule)); + strscpy(rule, *rules, sizeof(rule)); INIT_LIST_HEAD(&arch_policy_entry[i].list); result = ima_parse_rule(rule, &arch_policy_entry[i]);