| Message ID | 20230831194212.1529941-1-azeemshaikh38@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 2933d3cd079d3bf6fded709de7d97c1dc71d9633 |
| Headers | show |
| Series | trace/events/task.h: Replace strlcpy with strscpy | expand |
On Thu, Aug 31, 2023 at 07:42:12PM +0000, Azeem Shaikh wrote: > strlcpy() reads the entire source buffer first. > This read may exceed the destination size limit. > This is both inefficient and can lead to linear read > overflows if a source string is not NUL-terminated [1]. > In an effort to remove strlcpy() completely [2], replace > strlcpy() here with strscpy(). > > No return values were used, so direct replacement is safe. > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > [2] https://github.com/KSPP/linux/issues/89 > > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Kees Cook <keescook@chromium.org>
On Thu, Aug 31, 2023 at 12:42 PM Azeem Shaikh <azeemshaikh38@gmail.com> wrote: > > strlcpy() reads the entire source buffer first. > This read may exceed the destination size limit. > This is both inefficient and can lead to linear read > overflows if a source string is not NUL-terminated [1]. > In an effort to remove strlcpy() completely [2], replace > strlcpy() here with strscpy(). > > No return values were used, so direct replacement is safe. > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > [2] https://github.com/KSPP/linux/issues/89 > > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Justin Stitt <justinstitt@google.com> > --- > include/trace/events/task.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/trace/events/task.h b/include/trace/events/task.h > index 64d160930b0d..47b527464d1a 100644 > --- a/include/trace/events/task.h > +++ b/include/trace/events/task.h > @@ -47,7 +47,7 @@ TRACE_EVENT(task_rename, > TP_fast_assign( > __entry->pid = task->pid; > memcpy(entry->oldcomm, task->comm, TASK_COMM_LEN); > - strlcpy(entry->newcomm, comm, TASK_COMM_LEN); > + strscpy(entry->newcomm, comm, TASK_COMM_LEN); > __entry->oom_score_adj = task->signal->oom_score_adj; > ), > > -- > 2.42.0.283.g2d96d420d3-goog > >
diff --git a/include/trace/events/task.h b/include/trace/events/task.h index 64d160930b0d..47b527464d1a 100644 --- a/include/trace/events/task.h +++ b/include/trace/events/task.h @@ -47,7 +47,7 @@ TRACE_EVENT(task_rename, TP_fast_assign( __entry->pid = task->pid; memcpy(entry->oldcomm, task->comm, TASK_COMM_LEN); - strlcpy(entry->newcomm, comm, TASK_COMM_LEN); + strscpy(entry->newcomm, comm, TASK_COMM_LEN); __entry->oom_score_adj = task->signal->oom_score_adj; ),
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> --- include/trace/events/task.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.42.0.283.g2d96d420d3-goog