| Message ID | 20230614134956.2109252-1-azeemshaikh38@gmail.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Delegated to: | Johannes Berg |
| Headers | show |
| Series | [v3] wifi: cfg80211: replace strlcpy() with strscpy() | expand |
Azeem Shaikh <azeemshaikh38@gmail.com> writes: > strlcpy() reads the entire source buffer first. > This read may exceed the destination size limit. > This is both inefficient and can lead to linear read > overflows if a source string is not NUL-terminated [1]. > In an effort to remove strlcpy() completely [2], replace > strlcpy() here with strscpy(). > > Direct replacement is safe here since WIPHY_ASSIGN is only used by > TRACE macros and the return values are ignored. > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > [2] https://github.com/KSPP/linux/issues/89 > > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> > --- > v1: https://lore.kernel.org/all/20230612232301.2572316-1-azeemshaikh38@gmail.com/ > v2: https://lore.kernel.org/all/20230614134552.2108471-1-azeemshaikh38@gmail.com/ In the change log (after the "---" line) you should also describe what changes you made, more info in the wiki below. In this case it's clear as the patch is simple but please keep this in mind for future patches. No need to resend because of this.
On Wed, Jun 14, 2023 at 10:24 AM Kalle Valo <kvalo@kernel.org> wrote: > > Azeem Shaikh <azeemshaikh38@gmail.com> writes: > > > strlcpy() reads the entire source buffer first. > > This read may exceed the destination size limit. > > This is both inefficient and can lead to linear read > > overflows if a source string is not NUL-terminated [1]. > > In an effort to remove strlcpy() completely [2], replace > > strlcpy() here with strscpy(). > > > > Direct replacement is safe here since WIPHY_ASSIGN is only used by > > TRACE macros and the return values are ignored. > > > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > > [2] https://github.com/KSPP/linux/issues/89 > > > > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> > > --- > > v1: https://lore.kernel.org/all/20230612232301.2572316-1-azeemshaikh38@gmail.com/ > > v2: https://lore.kernel.org/all/20230614134552.2108471-1-azeemshaikh38@gmail.com/ > > In the change log (after the "---" line) you should also describe what > changes you made, more info in the wiki below. In this case it's clear > as the patch is simple but please keep this in mind for future patches. > > No need to resend because of this. > Thanks Kalle. I did have the below line in my changelog. For future patches, do you mean that changelog descriptions need to be more specific than this? For example - updated title from "x" -> "y"? > Changes from v1 and v2 - updated patch title.
Azeem Shaikh <azeemshaikh38@gmail.com> writes: > On Wed, Jun 14, 2023 at 10:24 AM Kalle Valo <kvalo@kernel.org> wrote: > >> >> Azeem Shaikh <azeemshaikh38@gmail.com> writes: >> >> > strlcpy() reads the entire source buffer first. >> > This read may exceed the destination size limit. >> > This is both inefficient and can lead to linear read >> > overflows if a source string is not NUL-terminated [1]. >> > In an effort to remove strlcpy() completely [2], replace >> > strlcpy() here with strscpy(). >> > >> > Direct replacement is safe here since WIPHY_ASSIGN is only used by >> > TRACE macros and the return values are ignored. >> > >> > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy >> > [2] https://github.com/KSPP/linux/issues/89 >> > >> > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> >> > --- >> > v1: https://lore.kernel.org/all/20230612232301.2572316-1-azeemshaikh38@gmail.com/ >> > v2: https://lore.kernel.org/all/20230614134552.2108471-1-azeemshaikh38@gmail.com/ >> >> In the change log (after the "---" line) you should also describe what >> changes you made, more info in the wiki below. In this case it's clear >> as the patch is simple but please keep this in mind for future patches. >> >> No need to resend because of this. >> > > Thanks Kalle. I did have the below line in my changelog. For future > patches, do you mean that changelog descriptions need to be more > specific than this? For example - updated title from "x" -> "y"? > >> Changes from v1 and v2 - updated patch title. Ah, I missed that because the format was not what we usually use. I recommend something like this: v3: * add bar v2: * https:// * fix foo v1: * https://
On Wed, Jun 14, 2023 at 11:15 AM Kalle Valo <kvalo@kernel.org> wrote: > > Azeem Shaikh <azeemshaikh38@gmail.com> writes: > > > On Wed, Jun 14, 2023 at 10:24 AM Kalle Valo <kvalo@kernel.org> wrote: > > > >> > >> Azeem Shaikh <azeemshaikh38@gmail.com> writes: > >> > >> > strlcpy() reads the entire source buffer first. > >> > This read may exceed the destination size limit. > >> > This is both inefficient and can lead to linear read > >> > overflows if a source string is not NUL-terminated [1]. > >> > In an effort to remove strlcpy() completely [2], replace > >> > strlcpy() here with strscpy(). > >> > > >> > Direct replacement is safe here since WIPHY_ASSIGN is only used by > >> > TRACE macros and the return values are ignored. > >> > > >> > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > >> > [2] https://github.com/KSPP/linux/issues/89 > >> > > >> > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> > >> > --- > >> > v1: https://lore.kernel.org/all/20230612232301.2572316-1-azeemshaikh38@gmail.com/ > >> > v2: https://lore.kernel.org/all/20230614134552.2108471-1-azeemshaikh38@gmail.com/ > >> > >> In the change log (after the "---" line) you should also describe what > >> changes you made, more info in the wiki below. In this case it's clear > >> as the patch is simple but please keep this in mind for future patches. > >> > >> No need to resend because of this. > >> > > > > Thanks Kalle. I did have the below line in my changelog. For future > > patches, do you mean that changelog descriptions need to be more > > specific than this? For example - updated title from "x" -> "y"? > > > >> Changes from v1 and v2 - updated patch title. > > Ah, I missed that because the format was not what we usually use. I > recommend something like this: > > v3: > > * add bar > > v2: > > * https:// > * fix foo > > v1: > > * https:// > Got it, thanks a lot!
diff --git a/net/wireless/trace.h b/net/wireless/trace.h index 716a1fa70069..a00da3ebfed5 100644 --- a/net/wireless/trace.h +++ b/net/wireless/trace.h @@ -22,7 +22,7 @@ #define MAXNAME 32 #define WIPHY_ENTRY __array(char, wiphy_name, 32) -#define WIPHY_ASSIGN strlcpy(__entry->wiphy_name, wiphy_name(wiphy), MAXNAME) +#define WIPHY_ASSIGN strscpy(__entry->wiphy_name, wiphy_name(wiphy), MAXNAME) #define WIPHY_PR_FMT "%s" #define WIPHY_PR_ARG __entry->wiphy_name
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). Direct replacement is safe here since WIPHY_ASSIGN is only used by TRACE macros and the return values are ignored. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> --- v1: https://lore.kernel.org/all/20230612232301.2572316-1-azeemshaikh38@gmail.com/ v2: https://lore.kernel.org/all/20230614134552.2108471-1-azeemshaikh38@gmail.com/ Changes from v1 and v2 - updated patch title. net/wireless/trace.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)