From patchwork Tue Aug 8 22:48:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347126 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5034B156F8 for ; Tue, 8 Aug 2023 22:48:36 +0000 (UTC) Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EBE1D106 for ; Tue, 8 Aug 2023 15:48:34 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-586bd766310so35963647b3.0 for ; Tue, 08 Aug 2023 15:48:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534914; x=1692139714; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=TmxbnIjb/GqnmOwdg1rDIRZFSHSZsVM8YSAQMHLnbME=; b=aIe42t0D+ftKfG+ClAKmcOJv9mfebYDaQmvdUgboDYiuG7ilotz/5nbttvtF9fDi1O rDs+7df7Cjn2shLvTm3qNsiEBm8OAhAGyBYA8+AW/pofGiv6RHPapbcws6nbEk9HrPGS jdpUQ2BCppjQpV6sMqGiCLG4WGKm2D7YKRlPEGM+eVzHKsUpnoDU0g025UZnAtmR5xKS 69kyYON2cNSaE9f11a+LbFMqSZNt4tUq/usnE638ystMj35JNiukiKDpxLr0+iFW4Iwk J0bUrgboDjs3jAOSnOJyEJ65ZJ5Jx29Wa8GeSwiRYeXVg8OBaqUv/tSju9f+CoMdqa+d o0+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534914; x=1692139714; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=TmxbnIjb/GqnmOwdg1rDIRZFSHSZsVM8YSAQMHLnbME=; b=MiXHlc4ireMbKYfEx8D/F9TUSsurfx9X2ra1qKKbJa4j8ttY+1vqzCoFFrCDK+OQCH 2/yQAs338mpMBfh3psHqJXv+rVLZ7OnqG8XPsdvapEO6U1k+5NxSbvGpRHQodcNnAAy6 B9OWUndKWSoi4O9Dahj5zg2k64l5rCkdt7bIrJwK6SZ4pbkypeXXuv0mqMBQi3H4X/JF UQRhD5ltagL76i/Io0RqoItMP7XPbgziqlHk7jja3VEZPoW0J8sgwSrkl0yltYZIRHi9 guhC7Uofsl2Wco7fyDP5CeC3AOXA0vb8TEW0ROA8uZF5UQEkTMVjiH69Y6tlnsHNMJik DrgQ== X-Gm-Message-State: AOJu0YwCArKioPMGewQhj2KPeoEQQRahfFJZHGnG9SwvFKYdSmj/IMEr BvvL8L5luNfvQCwuSvNWcNkg4LGkS2wvlxma0w== X-Google-Smtp-Source: AGHT+IH1R6MtPcgGGYPgM2RykK/TeOvNqFtYstVlX2iypy2EipYIxRKnBXKcog/LYd4QF5rzW3sffHKNadArPUWkLg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:440f:0:b0:576:9519:7085 with SMTP id r15-20020a81440f000000b0057695197085mr21593ywa.7.1691534914271; Tue, 08 Aug 2023 15:48:34 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:06 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=2289; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=DmlnBBnHsP5QeIGI++tEAn9BIzXi+bfjHimTMSaz/pg=; b=620tlRlsF6w/UUZG5WGZx2U4Mf2LH5YYLrf8rikieAPOtoORP/uUHedtmuqLWAwhLMG5oiohV aRW3uUVCq+7BzN6wbjpH81lJbtdkmWqFFVPVtC/eGuYqCKR1vIDbvcj X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-1-efbbe4ec60af@google.com> Subject: [PATCH 1/7] netfilter: ipset: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Fixes several buffer overread bugs present in `ip_set_core.c` by using `strscpy` over `strncpy`. Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt --- There exists several potential buffer overread bugs here. These bugs exist due to the fact that the destination and source strings may have the same length which is equal to the max length `IPSET_MAXNAMELEN`. Here's an example: | #define MAXLEN 5 | char dest[MAXLEN]; | const char *src = "hello"; | strncpy(dest, src, MAXLEN); // -> should use strscpy() | // dest is now not NUL-terminated Note: This patch means that truncation now happens silently (which is better than a silent bug) but perhaps we should have some assertions that fail when a truncation is imminent. Thoughts? --- net/netfilter/ipset/ip_set_core.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 0b68e2e2824e..fc77080d41a2 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -872,7 +872,7 @@ ip_set_name_byindex(struct net *net, ip_set_id_t index, char *name) BUG_ON(!set); read_lock_bh(&ip_set_ref_lock); - strncpy(name, set->name, IPSET_MAXNAMELEN); + strscpy(name, set->name, IPSET_MAXNAMELEN); read_unlock_bh(&ip_set_ref_lock); } EXPORT_SYMBOL_GPL(ip_set_name_byindex); @@ -1326,7 +1326,7 @@ static int ip_set_rename(struct sk_buff *skb, const struct nfnl_info *info, goto out; } } - strncpy(set->name, name2, IPSET_MAXNAMELEN); + strscpy(set->name, name2, IPSET_MAXNAMELEN); out: write_unlock_bh(&ip_set_ref_lock); @@ -1380,9 +1380,9 @@ static int ip_set_swap(struct sk_buff *skb, const struct nfnl_info *info, return -EBUSY; } - strncpy(from_name, from->name, IPSET_MAXNAMELEN); - strncpy(from->name, to->name, IPSET_MAXNAMELEN); - strncpy(to->name, from_name, IPSET_MAXNAMELEN); + strscpy(from_name, from->name, IPSET_MAXNAMELEN); + strscpy(from->name, to->name, IPSET_MAXNAMELEN); + strscpy(to->name, from_name, IPSET_MAXNAMELEN); swap(from->ref, to->ref); ip_set(inst, from_id) = to; From patchwork Tue Aug 8 22:48:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347128 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9D8E21BB44 for ; Tue, 8 Aug 2023 22:48:37 +0000 (UTC) Received: from mail-oi1-x24a.google.com (mail-oi1-x24a.google.com [IPv6:2607:f8b0:4864:20::24a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1A346109 for ; Tue, 8 Aug 2023 15:48:36 -0700 (PDT) Received: by mail-oi1-x24a.google.com with SMTP id 5614622812f47-39cdf9f9d10so9549012b6e.3 for ; Tue, 08 Aug 2023 15:48:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534915; x=1692139715; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=2n+nft1J+ou/Hn4BoHtSydnM2Q6o7LrROT4GXzieyqk=; b=Z4tv8uuXCuHU3DyrL7CiwM7GRo//gKoN1gu49jVnkLDa77GxmOTvrZb6iVPtpovqAa y/YZP94ASRtbfUFGv2+k/+4bVka6Zb8iEhQgqrCavmKZqb5Vf3DMxM1GXr8d184OeWox Jkmar07CKdQd0GpGqnTygT2rhd0kL32dr73jAc1qnhLAgdE130ZeCZfffAKAkJ6p4g+3 Dhu8FFeDILrfEK66hbM9G62Cn84pEjVIyl6RtRVPcwxUI4pmvlJGyT/b7ZFu6jTEPe4q d4n4ZEeUzxKpvL+rOyjg+0S0zqmMfzBzAsT4DyiSxbJFnPTWrd8jZrG0UVA3jQ81IpYK PMoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534915; x=1692139715; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2n+nft1J+ou/Hn4BoHtSydnM2Q6o7LrROT4GXzieyqk=; b=CvkFz5L7nwosTcsG4ubPQB1UpzA+wzxbP9ivMsmSiydtTwcUMn7TzxVuS20eEvufZy IIP+vAb0GlxYpqGL1hcu19QmYCCi4PsTGFMq0MtvBCNFYl4VE9i0fBmZQagjhXNIxsBg ZUmyhR9dBx4yLXpqsGBI9gauzhuXvnhA0tqbGjaFY64AYUefLpyx6AbXtN9rgHuKg//4 6/IRMctaDYZM/RM0upR7kt9Gy48AOCVTXlURax9tIiZ+XzyMDfKs9AEPLNMP8q92a7HT Qt8PVEm063r6moK0Ur+rH2iE5vNDVrN+6aEgLacTxMn3GSuJVONKYz744dC7KI6cmPp0 aBuQ== X-Gm-Message-State: AOJu0YybrbY7/kSU/1Nq9hBiabpaikAUCREeer6/dQd3LKWZAFAIvNMU 9uL6RS4al2YcaB6/7BeYX7oLjZhSKaFsyYOdHA== X-Google-Smtp-Source: AGHT+IG33SMyJD9jmKUFIKwhFa1OIm3UDBC6wsCIb+3jj0vK9d47zhFOBFyzd3Ind1lxI6YX0YxchI++1WpiDqFOxQ== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6808:180f:b0:3a6:feb1:bb83 with SMTP id bh15-20020a056808180f00b003a6feb1bb83mr630290oib.3.1691534915476; Tue, 08 Aug 2023 15:48:35 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:07 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1355; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=h9/FJ0Derc+kHy1+HyfJeM72Jn/xHxsLrarMyJSTkdI=; b=nCzazijk+LV8MhghKkMBl3+PR9A0KP6j7aeC8rKtHaGSgAXmI98rCZPOtIh3eqAsdnnK140X5 2tW2f/G0EY9C+Xes0E05fHk1dEoFtF75/yOMaNAtBErqXMEO7z5CTOV X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-2-efbbe4ec60af@google.com> Subject: [PATCH 2/7] netfilter: nf_tables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Prefer `strscpy` over `strncpy`. Signed-off-by: Justin Stitt --- Note: It is hard to tell if there was a bug here in the first place but it's better to use a more robust and less ambiguous interface anyways. `helper->name` has a size of 16 and the 3rd argument to `strncpy` (NF_CT_HELPER_LEN) is also 16. This means that depending on where `dest`'s offset is relative to `regs->data` which has a length of 20, there may be a chance the dest buffer ends up non NUL-terminated. This is probably fine though as the destination buffer in this case may be fine being non NUL-terminated. If this is the case, we should probably opt for `strtomem` instead of `strscpy`. --- net/netfilter/nft_ct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 38958e067aa8..10126559038b 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c @@ -108,7 +108,7 @@ static void nft_ct_get_eval(const struct nft_expr *expr, helper = rcu_dereference(help->helper); if (helper == NULL) goto err; - strncpy((char *)dest, helper->name, NF_CT_HELPER_NAME_LEN); + strscpy((char *)dest, helper->name, NF_CT_HELPER_NAME_LEN); return; #ifdef CONFIG_NF_CONNTRACK_LABELS case NFT_CT_LABELS: { From patchwork Tue Aug 8 22:48:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347129 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 438FD1BB21 for ; Tue, 8 Aug 2023 22:48:38 +0000 (UTC) Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5825112C for ; Tue, 8 Aug 2023 15:48:37 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5865afcb825so73829777b3.0 for ; Tue, 08 Aug 2023 15:48:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534916; x=1692139716; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=pWB/bxoqLSL/ZtMTZ8dV/jChYqo6p+fCOGWCHHtspAU=; b=l0+YZUWT9MVORUoAKyZtIiSvH9yjrNYKYquI4h6G3Bw2EZqzd31uHqgRU63WUeJiTY CpJguIuWZtSwCxzXZL7m605eZS8Es5f38S3flkVmk3kM8LB0HvSqtkdI1c7Z2AyBkGtq 5NfO/1zVNGQ5YGvx0dhjCckfQkOwM8SuFYDezhYuUQtB+xJ3JKUpKSCYccD2Z2qKxi22 OO6RsTdtADjOReVX0UY1bUfshvROIJWuQWuJYZtqakkYY3FJ3grYtZbKyVjGMV37v+ur OCp34anb+2N2Kvfjr0/rniDTTRMNJAKTjeHOC8KCmX2XwY+Iinw733StNw48QbzrItoa QVdw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534916; x=1692139716; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pWB/bxoqLSL/ZtMTZ8dV/jChYqo6p+fCOGWCHHtspAU=; b=TpWlpnuLy5Xfd8Oe48KNM/zhnYaiuwOIH5Qy4jxUjTraTZtOLqe9s5KMLD+mKZn64x dTXzbyDlrf9XIIQDcx8ji0YlBA/kwTHByPBMDIzU6KgBay3PZrKewWmK7/d62rvh6X8C h4DoSfbLZvlrDy3fhqCnTxcj04KTMjJ9JpYCl61Kpyod24pQeyTicoBdFnAzjYBJG2pi 4bKZpN8eyEk+0IeQJDroWpXUSvy8UzfVIOPs1ncIjRNGPONh1I2AUCrNj+zpshCnUjz3 8PQJikkIVrIKqZqA5+k7I0WFtHWXfLmRq62NhUQ1RKlw1oJZ+Xxjk6bG3Q/k7aFuVXzd ntKQ== X-Gm-Message-State: AOJu0YxE7akiFgFz9KqkKRnO+vyAypDGiHpP2wj3l/+N+JzRbWFrqL7Z UF14xQLh8N9o7s6UYFH4HgDJYZE6+ip0aCs3wg== X-Google-Smtp-Source: AGHT+IEZqIi+KfXakktMR77yvcqvv7E79OwhtWF6B0zRs21LhdiLRA3ymZOhLEcubECjKuLZCFe6Vy5Az1cpq5gVng== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:ae05:0:b0:579:f832:74b with SMTP id m5-20020a81ae05000000b00579f832074bmr22779ywh.10.1691534916696; Tue, 08 Aug 2023 15:48:36 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:08 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=968; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=ql8BKCTJsc3POKLEq/ADab6DF9AYOTL/azd4EamUBcI=; b=P3R80qBBGIzHAbifBNpGmUCEncCAPqmEwus6LSS+QDg9lMvg2IHe2edYrrt/QOZp2p4frMdd+ ACoDi+vL9tDBW4ezE6keUa+9XyhIWr0M32IT7a0qKJXdIEfk7Y9a0tM X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-3-efbbe4ec60af@google.com> Subject: [PATCH 3/7] netfilter: nf_tables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Prefer `strscpy` over `strncpy`. Signed-off-by: Justin Stitt --- Note: `strscpy` is generally preferred to `strncpy` for use on NUL-terminated destination strings. In this case, however, it is hard for me to tell if the dest buffer wants to be NUL-terminated or not. If NUL-termination is not needed behavior here, let's use `strtomem`. --- net/netfilter/nft_fib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/nft_fib.c b/net/netfilter/nft_fib.c index 6e049fd48760..f1a3692f2dbd 100644 --- a/net/netfilter/nft_fib.c +++ b/net/netfilter/nft_fib.c @@ -150,7 +150,7 @@ void nft_fib_store_result(void *reg, const struct nft_fib *priv, if (priv->flags & NFTA_FIB_F_PRESENT) *dreg = !!dev; else - strncpy(reg, dev ? dev->name : "", IFNAMSIZ); + strscpy(reg, dev ? dev->name : "", IFNAMSIZ); break; default: WARN_ON_ONCE(1); From patchwork Tue Aug 8 22:48:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347130 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 31B2B1C9E2 for ; Tue, 8 Aug 2023 22:48:39 +0000 (UTC) Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6326A10E for ; Tue, 8 Aug 2023 15:48:38 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-57320c10635so73806897b3.3 for ; Tue, 08 Aug 2023 15:48:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534917; x=1692139717; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=+19GBVsvDAVjAStBWUAxMG4PPU/OGJ0H5JL5ZuTDef8=; b=33XuWQ+JZacYiunpRf/VpLL+ieGu6gFKhP/kfQt/A/PUBZLTtlxm2/2ie17ypqdLXY XZ7+ymtQ1v237YLPLscwE4bYYZtLPGAUnvBPdCwgT4CADDloYMGmBTI1DA7qAvS1R5dj X5875/w1a0yhqtAQvxC6fc6uFKRhNLsFUanyAesrsxo13nRi2pfWJejJ9tJxOcxd8dpF ueY3fqdWb4iOeEX+HcwPaNrfJYa2/TrdvsAEOpb205dHLWqEOgdL1jjKWHfUJjZd2v2z 9oPx/UHQiuz+JRfRFEOY0zAGyBLscrLc721CcjSFpnolkANjOiG1ia1lj7+HQvcd3e7U YNig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534917; x=1692139717; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+19GBVsvDAVjAStBWUAxMG4PPU/OGJ0H5JL5ZuTDef8=; b=XZsKjYvOmU/P1AWCYG8bTgmNGVAwf/mDy5MvkQ5qyfJ7pC3XNX3ZSyiIOk0VBBIwRE AVjFbQ82W7hymdxDWrRcs7Si0987/x+NCt+Aq3bVEEnef1GbLffxaCba1bF5emZLzAKd FK+cwjOy74ZhIKOt+58DCVgQt+m0IaoIPyZFT/aPuoY0geo2NMBP7W7ziE50pa6ZQuCH RyQan1Yj4oQfLlycKIrvPySMgCkUNHu7xKlvUczg3uqnXgibFY2HrgD0/MYDB4TuiDZn kw/lGJAe5qd3AoLQnoGqHkkcBEQkYKsbUrtpbRUb3p3QCzB2QArMOSSGhp4PM15Uduul F1wA== X-Gm-Message-State: AOJu0YzbdX145BI572l8FzbxhtlmTiX82ssVQQ73qw2mXEMtdUyiEnnx FwGs3S12fwV/+VKPF+a3gWZGmHqe/kXVXNweDg== X-Google-Smtp-Source: AGHT+IFmi1uCoUT8+dYsT7cZBMlrh5k6XVkXA76elJmMnRkNeuD4fuUb4fXU9XUyJeJrtDUUPIvD3QYnLXeDP+3YLw== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:414c:0:b0:583:a3c1:6b5a with SMTP id f12-20020a81414c000000b00583a3c16b5amr23219ywk.4.1691534917623; Tue, 08 Aug 2023 15:48:37 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:09 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1607; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=GBQjyBthg5dmrMfaCEkr5QXSIAmXCZ5owhSbCo8Ik6c=; b=l4qPLd4+/BNAz/Lm7D/syXKR78TObwPJdYwbnpE7ksVaBVJA3lf0WqxSNnU3hcPfzO6VTlbM+ dgb9SEDK59NATnse+FDklDxWNo24X2WOTSFQSKlQggwoEor3t6oFjrl X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-4-efbbe4ec60af@google.com> Subject: [PATCH 4/7] netfilter: nft_meta: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Prefer `strscpy` to `strncpy` since it's more robust and less ambiguous. Signed-off-by: Justin Stitt --- Note: I wasn't able to tell what the expected size of `out->rtnl_link_ops->kind` is. If it is less than or equal to `IFNAMSIZ` then there was no bug present and a bug present otherwise. Nonetheless, let's swap over to strscpy. --- net/netfilter/nft_meta.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index 8fdc7318c03c..de8ced05a273 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -185,12 +185,12 @@ static noinline bool nft_meta_get_eval_kind(enum nft_meta_keys key, case NFT_META_IIFKIND: if (!in || !in->rtnl_link_ops) return false; - strncpy((char *)dest, in->rtnl_link_ops->kind, IFNAMSIZ); + strscpy((char *)dest, in->rtnl_link_ops->kind, IFNAMSIZ); break; case NFT_META_OIFKIND: if (!out || !out->rtnl_link_ops) return false; - strncpy((char *)dest, out->rtnl_link_ops->kind, IFNAMSIZ); + strscpy((char *)dest, out->rtnl_link_ops->kind, IFNAMSIZ); break; default: return false; @@ -206,7 +206,7 @@ static void nft_meta_store_ifindex(u32 *dest, const struct net_device *dev) static void nft_meta_store_ifname(u32 *dest, const struct net_device *dev) { - strncpy((char *)dest, dev ? dev->name : "", IFNAMSIZ); + strscpy((char *)dest, dev ? dev->name : "", IFNAMSIZ); } static bool nft_meta_store_iftype(u32 *dest, const struct net_device *dev) From patchwork Tue Aug 8 22:48:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347131 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 433591C9E2 for ; Tue, 8 Aug 2023 22:48:41 +0000 (UTC) Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7E2DF12C for ; Tue, 8 Aug 2023 15:48:39 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-d1d9814b89fso5812611276.0 for ; Tue, 08 Aug 2023 15:48:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534918; x=1692139718; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=FjrWn1fSMygYDZZgckHhk0mXRfqs5Nidx65ICO3A52I=; b=gV4k4AQmJbNKxgLMYapJVIyO+9QcRPAfIhEdNQg0adenoyHWaTerujLmngfOXKcDvE DH3nTqA0kwzcCzLf6rxttNAOaJi/l5pr5ZiQFaLGXpuby+Az24eT0gxFj9TXFKS/4OX5 VfWhqmlOIrgsoLOGFKr5LcIyQkoqKUdV2n+sWwqJ2G1B99tL7e3HTacu1x99c9fvCSZM BJXaYkIwuqE+r7BOIKKIVjI8XEkaZbNeH2eYr148VmffSGU8/uWx9fjbing1ZRjq3vss hg76ITGXmsQEVRX3T+Y1ADizkXb6H36uNS1m4cqUy9bQgz/myepQzF5SKC77aMhxtNaY izGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534918; x=1692139718; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FjrWn1fSMygYDZZgckHhk0mXRfqs5Nidx65ICO3A52I=; b=JrDQzd+mwUVJ9loH4LnYzHYtcZei1i9O8Kz4niYLpRmzXk1bmHITbuUp9iOl4xkRFo WtPTDyYLCGb3RlKNvR3JQbGzwk/tbbN6NCcIhNkdOro9jsQq/T1VWXVMrwnBZALro6ZR AIeHHRIZ3UvVelYXEnuPIeG2NkBCUECq5aGMeY+5LzXp0ZpnNpuXsJs9jOuOGhS6PG2F nMLZCOdNLbOnJYUVc+PhWXgguJheeYVYkDxYjQ973sTI5l27W2w93RyA5ZobMXIadKCh lZ1NzHxOQCpce3w8Y99Xo2FOJUlPGipmKL7xQBYNnnCP2oo2UtmEpxMidlF+8FXMu3r7 wNyQ== X-Gm-Message-State: AOJu0Yxw6bANyNBLGFZmWUIJjJR+Df+s9Rb9zOKlGrzrAkvJDr1mrLf8 sRKdzn/IzD7aBfyci+f6/WXttCRqMQCG2CiyoA== X-Google-Smtp-Source: AGHT+IGmyferwFNnbxw0iCzx/r3zkBXWgrh+IPzWVl1hamVpmOKPWK2mKFogqArbcsqyWhuzHoHX0ySiHTOwsP9CQg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6902:690:b0:d46:45a1:b775 with SMTP id i16-20020a056902069000b00d4645a1b775mr21159ybt.3.1691534918649; Tue, 08 Aug 2023 15:48:38 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:10 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1584; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=TYjOW+AvMsSrKx/9aDmBZSW/vTLjOkdZMrUIxM50vSU=; b=RGO1nAXLC7fjnapekTUAeCHeVncKTCYqVtHP5+QOVJP9VkBsqI4ExgD47xSB2HnII22YwkXMP Jzqi8qIzqKQBStS0NzWem8DN0iJX/MUqERbE9rWZLT517qZ1WczKGid X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-5-efbbe4ec60af@google.com> Subject: [PATCH 5/7] netfilter: nft_osf: refactor deprecated strncpy to strscpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Use `strscpy` over `strncpy` for NUL-terminated strings. We can also drop the + 1 from `NFT_OSF_MAXGENRELEN + 1` since `strscpy` will guarantee NUL-termination. Signed-off-by: Justin Stitt --- net/netfilter/nft_osf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/nft_osf.c b/net/netfilter/nft_osf.c index 70820c66b591..4844e0109a58 100644 --- a/net/netfilter/nft_osf.c +++ b/net/netfilter/nft_osf.c @@ -23,7 +23,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs, struct nft_osf *priv = nft_expr_priv(expr); u32 *dest = ®s->data[priv->dreg]; struct sk_buff *skb = pkt->skb; - char os_match[NFT_OSF_MAXGENRELEN + 1]; + char os_match[NFT_OSF_MAXGENRELEN]; const struct tcphdr *tcp; struct nf_osf_data data; struct tcphdr _tcph; @@ -45,7 +45,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs, } if (!nf_osf_find(skb, nf_osf_fingers, priv->ttl, &data)) { - strncpy((char *)dest, "unknown", NFT_OSF_MAXGENRELEN); + strscpy((char *)dest, "unknown", NFT_OSF_MAXGENRELEN); } else { if (priv->flags & NFT_OSF_F_VERSION) snprintf(os_match, NFT_OSF_MAXGENRELEN, "%s:%s", @@ -53,7 +53,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs, else strscpy(os_match, data.genre, NFT_OSF_MAXGENRELEN); - strncpy((char *)dest, os_match, NFT_OSF_MAXGENRELEN); + strscpy((char *)dest, os_match, NFT_OSF_MAXGENRELEN); } } From patchwork Tue Aug 8 22:48:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347132 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6A5471C9F7 for ; Tue, 8 Aug 2023 22:48:41 +0000 (UTC) Received: from mail-oo1-xc4a.google.com (mail-oo1-xc4a.google.com [IPv6:2607:f8b0:4864:20::c4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8A3B9103 for ; Tue, 8 Aug 2023 15:48:40 -0700 (PDT) Received: by mail-oo1-xc4a.google.com with SMTP id 006d021491bc7-56c8f0995faso10037711eaf.0 for ; Tue, 08 Aug 2023 15:48:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534920; x=1692139720; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Pvwje1x+fgK9E9IR7qsfn31Dc5XiXldAZ1Fo1xHQpAo=; b=ZowPnFVAEOQu1o/+XzT8fcaX6DHlVccwrE7gGNHkAx3YDdV+D3o7fUpYyj/vi1Ct5Q +QYJDWnAhftWiK8EgTciXmjxfJNfL1DHfcE3o+XOVVHbUUBr2oc33L84fXDKdg0spibe GZ5bqdG9qrHx/UtSzbaBTMqp6lQxfoXnPa2UM0vLrI7Zb2YiefFjL0pSu/+rNaKy1wlN XhfOQJjCKLo/y7i/PPyKhKK6HKjXtVSpBWc22UEpkQAx89z/FVCmSvgnGCxbk5FjWRbD QKj317GKJBKiDYTXPzGM5v1TxwYmVWI7QXAAaldoX9Tx9r5cTrpz+UfvZC+saxnSr//L 67Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534920; x=1692139720; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Pvwje1x+fgK9E9IR7qsfn31Dc5XiXldAZ1Fo1xHQpAo=; b=ZSP1vRvq1EhMA8+pUkMORpoF/kR0dP+yALkC4kAqXwWvLbythSgyoulYtVQMnbV3f+ 4rkYyE0NwKKNYagPHvWujHDsrvzzm21y4kKoXhpKmoCKxLXWSYlJNe4/LLaPYSgmuq5C amczAAZMpgfHQwGZoFeg1TNkFD2/HcDnJp/i8ZHcaTXX2p7U2DXzJTBjSDFtLtrrNB1z vCQgTJC78ydkA3iZQXOOIeNjgPQeCbiC+t8FwPHFJIxFBA2zwd19nnaawbd/GuXZ/PLc RhsJ9t1i9/8Fz55DmZZYECUuRQWcHMsWin4GccJKG2jTjJE1Nc0EmijnB6VlsJS3Y6LX 577A== X-Gm-Message-State: AOJu0YzOTy16MsSYKnGungJVKayGgZLbMIC9YaxqrEUPuVq3MqfYI48T 6CkoqS/w8i0VNptlaUUEdhIynHJHFhzsowcoEA== X-Google-Smtp-Source: AGHT+IFfTapulzyD7mF8uId+U6qhT9W1jzh/xLHutjoQ+baESmwt1nASohgDjGgqfc8DbSFYevzOUew1G7Fcn9bwfg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6870:5b03:b0:1bf:a06f:ce6f with SMTP id ds3-20020a0568705b0300b001bfa06fce6fmr315997oab.9.1691534919982; Tue, 08 Aug 2023 15:48:39 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:11 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1616; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=epcsNlzjLL3K9DAOvrsRp37/1eZVu8TeiuJpMs34l/Q=; b=L1P2cQc3z99LSWR/qio44oxncmlWLIBSvxY6HOu5W2BRo4B41BhDGwuAbcow63n2hPhRjceUI 9E5bGIoGP2nDYAORkqUToKLoCEdCN/nRopReeZhHhL/7pSX4tiOQrrn X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-6-efbbe4ec60af@google.com> Subject: [PATCH 6/7] netfilter: x_tables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Prefer `strscpy` to `strncpy` for use on NUL-terminated destination buffers. This fixes a potential bug due to the fact that both `t->u.user.name` and `name` share the same size. Signed-off-by: Justin Stitt --- Here's an example of what happens when dest and src share same size: | #define MAXLEN 5 | char dest[MAXLEN]; | const char *src = "hello"; | strncpy(dest, src, MAXLEN); // -> should use strscpy() | // dest is now not NUL-terminated --- net/netfilter/x_tables.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 470282cf3fae..714a38ec9055 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -768,7 +768,7 @@ void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, m->u.user.match_size = msize; strscpy(name, match->name, sizeof(name)); module_put(match->me); - strncpy(m->u.user.name, name, sizeof(m->u.user.name)); + strscpy(m->u.user.name, name, sizeof(m->u.user.name)); *size += off; *dstptr += msize; @@ -1148,7 +1148,7 @@ void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr, t->u.user.target_size = tsize; strscpy(name, target->name, sizeof(name)); module_put(target->me); - strncpy(t->u.user.name, name, sizeof(t->u.user.name)); + strscpy(t->u.user.name, name, sizeof(t->u.user.name)); *size += off; *dstptr += tsize; @@ -2014,4 +2014,3 @@ static void __exit xt_fini(void) module_init(xt_init); module_exit(xt_fini); - From patchwork Tue Aug 8 22:48:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347133 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A3FB41C9F7 for ; Tue, 8 Aug 2023 22:48:42 +0000 (UTC) Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 948E7E4A for ; Tue, 8 Aug 2023 15:48:41 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-586b0ef17daso6531827b3.1 for ; Tue, 08 Aug 2023 15:48:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534921; x=1692139721; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=G9OF2QFsiP3MkrzN4gKJO5o0WhLZ6LzcN9E8K6dc8dQ=; b=Tk5sym5cRDFSry8K+vc1HytKkY3IbV6iZulQcdqzajiE0IVk3xAlVvRndUZmAf1bym qmBA/CUFS/PGUXiFjGhkccdVwoX3zHUdcOMoLvXMMUMjR8yufvUM3BMxdbZVUZUBohHJ XDd0dKfCAqHUdAGRMbnyrr4FGDyVDAC1FubuFJd7iCMUjnLDpsu9n3DTiB9Phq8Qvf0E q8U2keEGG0MEUAozFw72uG4Zvu2LbBhukIi5JUVz+Vr+B72eM5IBoS4QlmZ4vDb1Wq63 DfyTE1Qq1a9iFWqR253R9wuYjfP9rEWY7oXwiicHyPCLs7WfdwbOq9mI2Yx1daOUKLxs Jqyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534921; x=1692139721; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=G9OF2QFsiP3MkrzN4gKJO5o0WhLZ6LzcN9E8K6dc8dQ=; b=DxbLNLehnYBwPzLhYsZxZIT+LSUJY5ugWBLNaHz6AsqtoTfbf80OLsQzAyXauPtx66 ViptGRXR7MVy0QcoGs9sVq9D0l0uHZSb1sXEXA/ZiQAxJrY1B7pg8MGxgFgdrd1m7aYM 8vXGfHNMAfXTvCjAZxr6JYGzTVOZuXxaUzZDN8TYQz26hJTpbrP9LBZ/aQJuXqW+YbcL JT5hJiJRdfDbMRE5Xwuvsx+FbeTa1wlvxg8cYyczK7KqcF1JnnuXaqMwreVcaiFOn4we 4HOMXkPT2WQxBh0ID/E8/BRaC9JAOojr17v5q6Zy6CrtLPDb+stWJeVLivbwyeN8eMd5 b3GA== X-Gm-Message-State: AOJu0YyTRzKm5sxYi2nAeway1OIfT9YV+q7Y1kNGhRJ15lPM3qN1UTjE IPdgcJkCQHVlv+6YjC8x/tHupKi7Lw3BDiTDSA== X-Google-Smtp-Source: AGHT+IGCyJW7+H01CcBpmwMLWO4IJOM2JRZefUJenQ9SapEIQSusWKx57m2Q2rpVYsPLUriKIRjxQtAgRFf96MgkCg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:b61a:0:b0:586:e91a:46c2 with SMTP id u26-20020a81b61a000000b00586e91a46c2mr107296ywh.4.1691534920928; Tue, 08 Aug 2023 15:48:40 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:12 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1134; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=Bp+w2rTLNgdzNlxLi9FLD4utZ4QUqpPxaPIds7U/AGY=; b=odK4V1dqN6Y308K04MH8d/MRrkeaDSd1rELzLfU+7SDbRdFBl0nXUSsw+H9Y12YsVkVDC43lj zmYSndS5Js/Dv3+IClsSCDsbs7OJ2vOQ6onFe43X7Ff2wDY/LO6DwG0 X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-7-efbbe4ec60af@google.com> Subject: [PATCH 7/7] netfilter: xtables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Prefer `strscpy` as it's a more robust interface. There may have existed a bug here due to both `tbl->repl.name` and `info->name` having a size of 32 as defined below: | #define XT_TABLE_MAXNAMELEN 32 This may lead to buffer overreads in some situations -- `strscpy` solves this by guaranteeing NUL-termination of the dest buffer. Signed-off-by: Justin Stitt --- Note: build tested only --- net/netfilter/xt_repldata.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/xt_repldata.h b/net/netfilter/xt_repldata.h index 68ccbe50bb1e..63869fd0ec57 100644 --- a/net/netfilter/xt_repldata.h +++ b/net/netfilter/xt_repldata.h @@ -29,7 +29,7 @@ if (tbl == NULL) \ return NULL; \ term = (struct type##_error *)&(((char *)tbl)[term_offset]); \ - strncpy(tbl->repl.name, info->name, sizeof(tbl->repl.name)); \ + strscpy(tbl->repl.name, info->name, sizeof(tbl->repl.name)); \ *term = (struct type##_error)typ2##_ERROR_INIT; \ tbl->repl.valid_hooks = hook_mask; \ tbl->repl.num_entries = nhooks + 1; \