From patchwork Tue Aug 8 22:48:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347135 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 19DDEC001DB for ; Tue, 8 Aug 2023 22:48:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231261AbjHHWsg (ORCPT ); Tue, 8 Aug 2023 18:48:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47484 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229714AbjHHWsf (ORCPT ); Tue, 8 Aug 2023 18:48:35 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EC5AF109 for ; Tue, 8 Aug 2023 15:48:34 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-583a89cccf6so61607537b3.1 for ; Tue, 08 Aug 2023 15:48:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534914; x=1692139714; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=TmxbnIjb/GqnmOwdg1rDIRZFSHSZsVM8YSAQMHLnbME=; b=aIe42t0D+ftKfG+ClAKmcOJv9mfebYDaQmvdUgboDYiuG7ilotz/5nbttvtF9fDi1O rDs+7df7Cjn2shLvTm3qNsiEBm8OAhAGyBYA8+AW/pofGiv6RHPapbcws6nbEk9HrPGS jdpUQ2BCppjQpV6sMqGiCLG4WGKm2D7YKRlPEGM+eVzHKsUpnoDU0g025UZnAtmR5xKS 69kyYON2cNSaE9f11a+LbFMqSZNt4tUq/usnE638ystMj35JNiukiKDpxLr0+iFW4Iwk J0bUrgboDjs3jAOSnOJyEJ65ZJ5Jx29Wa8GeSwiRYeXVg8OBaqUv/tSju9f+CoMdqa+d o0+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534914; x=1692139714; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=TmxbnIjb/GqnmOwdg1rDIRZFSHSZsVM8YSAQMHLnbME=; b=XKGGm4xoQEKK2UaM37Gl93TmGLsESgEpcg8VD/M0t93MbbNcAJ0773GQbzBXhgkaqO j0eHldfROBViPp0pIyvjzIu6vpktgWaoZzzFAb9E2Rnw6PI0oe0/tXpzEt4u+3ZBVIcA MZNxBYPxcA43WnlXtwMvYkff1LfxEONDn4jYb20gXivZggSARbgNvej272F/uvzBPa0n uiVy/Tva70LB7Wf4+Wpdm7XuqgXRs57FwetarlehPWfLsQrkz4kU24b17Y7IfYpCwxSk EofoIhcjTACO0wbu+KnYu2aYuEMHHqNBXdYZXF1hy2+rlGJ/4aJ6VJzkpirLxaTQ6xzk iweg== X-Gm-Message-State: AOJu0YypjJ0vhM1ZNy9VXcRnU3/z527m+jvY9GZjAeaElPwZOsCJ1OGz 4niOtIk5+/0UNG17NeftFvhTQCzinvT/X1mN8Q== X-Google-Smtp-Source: AGHT+IH1R6MtPcgGGYPgM2RykK/TeOvNqFtYstVlX2iypy2EipYIxRKnBXKcog/LYd4QF5rzW3sffHKNadArPUWkLg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:440f:0:b0:576:9519:7085 with SMTP id r15-20020a81440f000000b0057695197085mr21593ywa.7.1691534914271; Tue, 08 Aug 2023 15:48:34 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:06 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=2289; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=DmlnBBnHsP5QeIGI++tEAn9BIzXi+bfjHimTMSaz/pg=; b=620tlRlsF6w/UUZG5WGZx2U4Mf2LH5YYLrf8rikieAPOtoORP/uUHedtmuqLWAwhLMG5oiohV aRW3uUVCq+7BzN6wbjpH81lJbtdkmWqFFVPVtC/eGuYqCKR1vIDbvcj X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-1-efbbe4ec60af@google.com> Subject: [PATCH 1/7] netfilter: ipset: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Fixes several buffer overread bugs present in `ip_set_core.c` by using `strscpy` over `strncpy`. Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt --- There exists several potential buffer overread bugs here. These bugs exist due to the fact that the destination and source strings may have the same length which is equal to the max length `IPSET_MAXNAMELEN`. Here's an example: | #define MAXLEN 5 | char dest[MAXLEN]; | const char *src = "hello"; | strncpy(dest, src, MAXLEN); // -> should use strscpy() | // dest is now not NUL-terminated Note: This patch means that truncation now happens silently (which is better than a silent bug) but perhaps we should have some assertions that fail when a truncation is imminent. Thoughts? --- net/netfilter/ipset/ip_set_core.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 0b68e2e2824e..fc77080d41a2 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -872,7 +872,7 @@ ip_set_name_byindex(struct net *net, ip_set_id_t index, char *name) BUG_ON(!set); read_lock_bh(&ip_set_ref_lock); - strncpy(name, set->name, IPSET_MAXNAMELEN); + strscpy(name, set->name, IPSET_MAXNAMELEN); read_unlock_bh(&ip_set_ref_lock); } EXPORT_SYMBOL_GPL(ip_set_name_byindex); @@ -1326,7 +1326,7 @@ static int ip_set_rename(struct sk_buff *skb, const struct nfnl_info *info, goto out; } } - strncpy(set->name, name2, IPSET_MAXNAMELEN); + strscpy(set->name, name2, IPSET_MAXNAMELEN); out: write_unlock_bh(&ip_set_ref_lock); @@ -1380,9 +1380,9 @@ static int ip_set_swap(struct sk_buff *skb, const struct nfnl_info *info, return -EBUSY; } - strncpy(from_name, from->name, IPSET_MAXNAMELEN); - strncpy(from->name, to->name, IPSET_MAXNAMELEN); - strncpy(to->name, from_name, IPSET_MAXNAMELEN); + strscpy(from_name, from->name, IPSET_MAXNAMELEN); + strscpy(from->name, to->name, IPSET_MAXNAMELEN); + strscpy(to->name, from_name, IPSET_MAXNAMELEN); swap(from->ref, to->ref); ip_set(inst, from_id) = to; From patchwork Tue Aug 8 22:48:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347136 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 21437C001B0 for ; Tue, 8 Aug 2023 22:48:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231393AbjHHWsh (ORCPT ); Tue, 8 Aug 2023 18:48:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47506 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231319AbjHHWsh (ORCPT ); Tue, 8 Aug 2023 18:48:37 -0400 Received: from mail-oi1-x24a.google.com (mail-oi1-x24a.google.com [IPv6:2607:f8b0:4864:20::24a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1918F103 for ; Tue, 8 Aug 2023 15:48:36 -0700 (PDT) Received: by mail-oi1-x24a.google.com with SMTP id 5614622812f47-3a78a29bcd9so5914232b6e.1 for ; Tue, 08 Aug 2023 15:48:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534915; x=1692139715; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=2n+nft1J+ou/Hn4BoHtSydnM2Q6o7LrROT4GXzieyqk=; b=Z4tv8uuXCuHU3DyrL7CiwM7GRo//gKoN1gu49jVnkLDa77GxmOTvrZb6iVPtpovqAa y/YZP94ASRtbfUFGv2+k/+4bVka6Zb8iEhQgqrCavmKZqb5Vf3DMxM1GXr8d184OeWox Jkmar07CKdQd0GpGqnTygT2rhd0kL32dr73jAc1qnhLAgdE130ZeCZfffAKAkJ6p4g+3 Dhu8FFeDILrfEK66hbM9G62Cn84pEjVIyl6RtRVPcwxUI4pmvlJGyT/b7ZFu6jTEPe4q d4n4ZEeUzxKpvL+rOyjg+0S0zqmMfzBzAsT4DyiSxbJFnPTWrd8jZrG0UVA3jQ81IpYK PMoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534915; x=1692139715; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2n+nft1J+ou/Hn4BoHtSydnM2Q6o7LrROT4GXzieyqk=; b=bV89ZiKBh41vFWbCCuTCCMPjmfta8jNEGkKCGBu9v+1Cy7/MTIhD3wEHsBSuWgBVWb ztX9wZw/bHC3e15EaNBgiY/PnPjCZk45+jtLdZ7OAWTymjSEvUU31+J49TWtxl883uyX YF87WwBS43qOumSs6zNnZZN0dabgCxp8lGbOAI+iUtdA8osmhEVMDEROraCBgEp1MA16 q56uef4u/jeiiOUwwzRzPgktaBkBFey9K0IyZ8SWTgIp5H+Dm64X7kSGYQZnwuFsDPge zazLkFvy+gg5m0bSD8RJvTmNhsrFg86PkUsccelTK6xkxLz1mxn67u+NULvBZ4iFlL4I e46A== X-Gm-Message-State: AOJu0YwxLdE+yshLL/anYcR3sT34ZBYKBljU08N/DKsrXlCwyGL96xBB WVEg1QE95nxNJx9FUSkpNVJBECYhIygxZQHNEw== X-Google-Smtp-Source: AGHT+IG33SMyJD9jmKUFIKwhFa1OIm3UDBC6wsCIb+3jj0vK9d47zhFOBFyzd3Ind1lxI6YX0YxchI++1WpiDqFOxQ== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6808:180f:b0:3a6:feb1:bb83 with SMTP id bh15-20020a056808180f00b003a6feb1bb83mr630290oib.3.1691534915476; Tue, 08 Aug 2023 15:48:35 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:07 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1355; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=h9/FJ0Derc+kHy1+HyfJeM72Jn/xHxsLrarMyJSTkdI=; b=nCzazijk+LV8MhghKkMBl3+PR9A0KP6j7aeC8rKtHaGSgAXmI98rCZPOtIh3eqAsdnnK140X5 2tW2f/G0EY9C+Xes0E05fHk1dEoFtF75/yOMaNAtBErqXMEO7z5CTOV X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-2-efbbe4ec60af@google.com> Subject: [PATCH 2/7] netfilter: nf_tables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Prefer `strscpy` over `strncpy`. Signed-off-by: Justin Stitt --- Note: It is hard to tell if there was a bug here in the first place but it's better to use a more robust and less ambiguous interface anyways. `helper->name` has a size of 16 and the 3rd argument to `strncpy` (NF_CT_HELPER_LEN) is also 16. This means that depending on where `dest`'s offset is relative to `regs->data` which has a length of 20, there may be a chance the dest buffer ends up non NUL-terminated. This is probably fine though as the destination buffer in this case may be fine being non NUL-terminated. If this is the case, we should probably opt for `strtomem` instead of `strscpy`. --- net/netfilter/nft_ct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 38958e067aa8..10126559038b 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c @@ -108,7 +108,7 @@ static void nft_ct_get_eval(const struct nft_expr *expr, helper = rcu_dereference(help->helper); if (helper == NULL) goto err; - strncpy((char *)dest, helper->name, NF_CT_HELPER_NAME_LEN); + strscpy((char *)dest, helper->name, NF_CT_HELPER_NAME_LEN); return; #ifdef CONFIG_NF_CONNTRACK_LABELS case NFT_CT_LABELS: { From patchwork Tue Aug 8 22:48:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347137 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CC2D9C04FDF for ; Tue, 8 Aug 2023 22:48:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231442AbjHHWsi (ORCPT ); Tue, 8 Aug 2023 18:48:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47534 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231374AbjHHWsh (ORCPT ); Tue, 8 Aug 2023 18:48:37 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 573CC10E for ; Tue, 8 Aug 2023 15:48:37 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-56942442eb0so73698097b3.1 for ; Tue, 08 Aug 2023 15:48:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534916; x=1692139716; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=pWB/bxoqLSL/ZtMTZ8dV/jChYqo6p+fCOGWCHHtspAU=; b=l0+YZUWT9MVORUoAKyZtIiSvH9yjrNYKYquI4h6G3Bw2EZqzd31uHqgRU63WUeJiTY CpJguIuWZtSwCxzXZL7m605eZS8Es5f38S3flkVmk3kM8LB0HvSqtkdI1c7Z2AyBkGtq 5NfO/1zVNGQ5YGvx0dhjCckfQkOwM8SuFYDezhYuUQtB+xJ3JKUpKSCYccD2Z2qKxi22 OO6RsTdtADjOReVX0UY1bUfshvROIJWuQWuJYZtqakkYY3FJ3grYtZbKyVjGMV37v+ur OCp34anb+2N2Kvfjr0/rniDTTRMNJAKTjeHOC8KCmX2XwY+Iinw733StNw48QbzrItoa QVdw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534916; x=1692139716; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pWB/bxoqLSL/ZtMTZ8dV/jChYqo6p+fCOGWCHHtspAU=; b=eNE5EKbA/ZA3SDYmuvnSCPYx+1lWpzoMtKH+fs/uWj9CHpVmOVIvtKg+EhxbTQyHau lrRXVgeahDUfWk8dcQ6jJqYaoBtxGWAZrO3V1uE21zG+CYLP+or/AuCmKMr80vbB/CTC bVa1OSMavFsb+pjhlmUfLsqclFaL0+b/aLT4WYnSKkF1r47gAwluIRdOFf2QKxUNK9A7 uYMdnIEOR1I+oJ9bWHSNC7Yj74fLIRSseyw2NWdW1BsFEjcwSh0RFv/RGCzmkoUQsk2x zp87VIttOF5WXlKfBONd1i15+da6YBJ4+fn7KbM29wkdDuDE60xKRGgNL0TSF+xRMWgD 5jWg== X-Gm-Message-State: AOJu0YwSq2/xsxhhpLosqouTvQfa6s6M+rbC8d41412XwvBh29jxOX3+ /HXQtPiNRWPVbLUZ8iN8niGXYYvvpkZg58+jYQ== X-Google-Smtp-Source: AGHT+IEZqIi+KfXakktMR77yvcqvv7E79OwhtWF6B0zRs21LhdiLRA3ymZOhLEcubECjKuLZCFe6Vy5Az1cpq5gVng== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:ae05:0:b0:579:f832:74b with SMTP id m5-20020a81ae05000000b00579f832074bmr22779ywh.10.1691534916696; Tue, 08 Aug 2023 15:48:36 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:08 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=968; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=ql8BKCTJsc3POKLEq/ADab6DF9AYOTL/azd4EamUBcI=; b=P3R80qBBGIzHAbifBNpGmUCEncCAPqmEwus6LSS+QDg9lMvg2IHe2edYrrt/QOZp2p4frMdd+ ACoDi+vL9tDBW4ezE6keUa+9XyhIWr0M32IT7a0qKJXdIEfk7Y9a0tM X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-3-efbbe4ec60af@google.com> Subject: [PATCH 3/7] netfilter: nf_tables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Prefer `strscpy` over `strncpy`. Signed-off-by: Justin Stitt --- Note: `strscpy` is generally preferred to `strncpy` for use on NUL-terminated destination strings. In this case, however, it is hard for me to tell if the dest buffer wants to be NUL-terminated or not. If NUL-termination is not needed behavior here, let's use `strtomem`. --- net/netfilter/nft_fib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/nft_fib.c b/net/netfilter/nft_fib.c index 6e049fd48760..f1a3692f2dbd 100644 --- a/net/netfilter/nft_fib.c +++ b/net/netfilter/nft_fib.c @@ -150,7 +150,7 @@ void nft_fib_store_result(void *reg, const struct nft_fib *priv, if (priv->flags & NFTA_FIB_F_PRESENT) *dreg = !!dev; else - strncpy(reg, dev ? dev->name : "", IFNAMSIZ); + strscpy(reg, dev ? dev->name : "", IFNAMSIZ); break; default: WARN_ON_ONCE(1); From patchwork Tue Aug 8 22:48:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347138 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9630FC41513 for ; Tue, 8 Aug 2023 22:48:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231485AbjHHWsk (ORCPT ); Tue, 8 Aug 2023 18:48:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47566 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229588AbjHHWsj (ORCPT ); Tue, 8 Aug 2023 18:48:39 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 63114103 for ; Tue, 8 Aug 2023 15:48:38 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-57320c10635so73806887b3.3 for ; Tue, 08 Aug 2023 15:48:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534917; x=1692139717; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=+19GBVsvDAVjAStBWUAxMG4PPU/OGJ0H5JL5ZuTDef8=; b=33XuWQ+JZacYiunpRf/VpLL+ieGu6gFKhP/kfQt/A/PUBZLTtlxm2/2ie17ypqdLXY XZ7+ymtQ1v237YLPLscwE4bYYZtLPGAUnvBPdCwgT4CADDloYMGmBTI1DA7qAvS1R5dj X5875/w1a0yhqtAQvxC6fc6uFKRhNLsFUanyAesrsxo13nRi2pfWJejJ9tJxOcxd8dpF ueY3fqdWb4iOeEX+HcwPaNrfJYa2/TrdvsAEOpb205dHLWqEOgdL1jjKWHfUJjZd2v2z 9oPx/UHQiuz+JRfRFEOY0zAGyBLscrLc721CcjSFpnolkANjOiG1ia1lj7+HQvcd3e7U YNig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534917; x=1692139717; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+19GBVsvDAVjAStBWUAxMG4PPU/OGJ0H5JL5ZuTDef8=; b=fxLRFdTVUQbYI6zNnyfnBGXTtXh+u5pU7Rq5vIcJyOvJnOuS7bJa90tz2KrocpB8jz TkYejJH3M/d/dvGNhYJTjfhmplsZF3iZ51FKBv+WaJ9BEJcewztyQ+9Lv+aKhpXywEow 4SI9GKzuAeukekmZgygyDrL1k3rjGgUIlChBAjggPJpeTh3LKzCTgu6sV8u867D0q4qp I1+A/dpKxBPjCvK5+kJh6jCtCacvovcBMt45Fwo86wZtTfXI8BNmocJTNPVSDmarbtiC /pE1HCp7gkxeyDs9DFYq9EN1IJl3uKnW44d7X7SlT6PYgR+lI6iXl6z4v7hmAYmXOy9u oJpg== X-Gm-Message-State: AOJu0YzzYwb8AA7VykBVRu3CtbbUkpfc+fhbMLywJm0z5bDQw326hD0v IM+4fHjzbhqT2ArVrURM+e8L5ALflPPMzL5eew== X-Google-Smtp-Source: AGHT+IFmi1uCoUT8+dYsT7cZBMlrh5k6XVkXA76elJmMnRkNeuD4fuUb4fXU9XUyJeJrtDUUPIvD3QYnLXeDP+3YLw== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:414c:0:b0:583:a3c1:6b5a with SMTP id f12-20020a81414c000000b00583a3c16b5amr23219ywk.4.1691534917623; Tue, 08 Aug 2023 15:48:37 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:09 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1607; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=GBQjyBthg5dmrMfaCEkr5QXSIAmXCZ5owhSbCo8Ik6c=; b=l4qPLd4+/BNAz/Lm7D/syXKR78TObwPJdYwbnpE7ksVaBVJA3lf0WqxSNnU3hcPfzO6VTlbM+ dgb9SEDK59NATnse+FDklDxWNo24X2WOTSFQSKlQggwoEor3t6oFjrl X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-4-efbbe4ec60af@google.com> Subject: [PATCH 4/7] netfilter: nft_meta: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Prefer `strscpy` to `strncpy` since it's more robust and less ambiguous. Signed-off-by: Justin Stitt --- Note: I wasn't able to tell what the expected size of `out->rtnl_link_ops->kind` is. If it is less than or equal to `IFNAMSIZ` then there was no bug present and a bug present otherwise. Nonetheless, let's swap over to strscpy. --- net/netfilter/nft_meta.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index 8fdc7318c03c..de8ced05a273 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -185,12 +185,12 @@ static noinline bool nft_meta_get_eval_kind(enum nft_meta_keys key, case NFT_META_IIFKIND: if (!in || !in->rtnl_link_ops) return false; - strncpy((char *)dest, in->rtnl_link_ops->kind, IFNAMSIZ); + strscpy((char *)dest, in->rtnl_link_ops->kind, IFNAMSIZ); break; case NFT_META_OIFKIND: if (!out || !out->rtnl_link_ops) return false; - strncpy((char *)dest, out->rtnl_link_ops->kind, IFNAMSIZ); + strscpy((char *)dest, out->rtnl_link_ops->kind, IFNAMSIZ); break; default: return false; @@ -206,7 +206,7 @@ static void nft_meta_store_ifindex(u32 *dest, const struct net_device *dev) static void nft_meta_store_ifname(u32 *dest, const struct net_device *dev) { - strncpy((char *)dest, dev ? dev->name : "", IFNAMSIZ); + strscpy((char *)dest, dev ? dev->name : "", IFNAMSIZ); } static bool nft_meta_store_iftype(u32 *dest, const struct net_device *dev) From patchwork Tue Aug 8 22:48:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347139 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 708BEC04FE0 for ; Tue, 8 Aug 2023 22:48:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231594AbjHHWsn (ORCPT ); Tue, 8 Aug 2023 18:48:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36834 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231476AbjHHWsk (ORCPT ); Tue, 8 Aug 2023 18:48:40 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7ECF8137 for ; Tue, 8 Aug 2023 15:48:39 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-d074da73c3eso5785902276.3 for ; Tue, 08 Aug 2023 15:48:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534918; x=1692139718; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=FjrWn1fSMygYDZZgckHhk0mXRfqs5Nidx65ICO3A52I=; b=gV4k4AQmJbNKxgLMYapJVIyO+9QcRPAfIhEdNQg0adenoyHWaTerujLmngfOXKcDvE DH3nTqA0kwzcCzLf6rxttNAOaJi/l5pr5ZiQFaLGXpuby+Az24eT0gxFj9TXFKS/4OX5 VfWhqmlOIrgsoLOGFKr5LcIyQkoqKUdV2n+sWwqJ2G1B99tL7e3HTacu1x99c9fvCSZM BJXaYkIwuqE+r7BOIKKIVjI8XEkaZbNeH2eYr148VmffSGU8/uWx9fjbing1ZRjq3vss hg76ITGXmsQEVRX3T+Y1ADizkXb6H36uNS1m4cqUy9bQgz/myepQzF5SKC77aMhxtNaY izGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534918; x=1692139718; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FjrWn1fSMygYDZZgckHhk0mXRfqs5Nidx65ICO3A52I=; b=Tzs5ZH9MP9Z8YBCMiN5cPgn8cZgc7yETHvICrIkvC0D3se0gtVgwdSPUVSIrS2Idc/ f8xsEEGVgoYsn+Vx/NZqcUonmmAff8XxxmQySbRf9po3mJUXQBSUhaMxr9hhaNz2t4N3 thD09Wmiu2Q8dmSjsCRHvMMO69M4PzUmBX+Djz08V/kO2gx3oLs3oMDMjHiW+kS4Osxe aqPZxWgzLH2aO7A8geQQldpCsD8XPRj+lEIzewDrrGSPxtQff5TKq6+krTxjRKAwbB4s 0uXfs0cX3DJyx9Jg4i/bSCNM2AHkh5m0SEaRRh+6XdEMm/wCmGxs3bCjaRykbF6dksZA HQnw== X-Gm-Message-State: AOJu0Yyc+tF3JLaKcQ1GLC2jlm5992aoPNVux1i3jlwGLun41iNBK6gE Pw2M28XSBoPKJcBUa3g1a9PrHpPkyPw+tUQejw== X-Google-Smtp-Source: AGHT+IGmyferwFNnbxw0iCzx/r3zkBXWgrh+IPzWVl1hamVpmOKPWK2mKFogqArbcsqyWhuzHoHX0ySiHTOwsP9CQg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6902:690:b0:d46:45a1:b775 with SMTP id i16-20020a056902069000b00d4645a1b775mr21159ybt.3.1691534918649; Tue, 08 Aug 2023 15:48:38 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:10 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1584; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=TYjOW+AvMsSrKx/9aDmBZSW/vTLjOkdZMrUIxM50vSU=; b=RGO1nAXLC7fjnapekTUAeCHeVncKTCYqVtHP5+QOVJP9VkBsqI4ExgD47xSB2HnII22YwkXMP Jzqi8qIzqKQBStS0NzWem8DN0iJX/MUqERbE9rWZLT517qZ1WczKGid X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-5-efbbe4ec60af@google.com> Subject: [PATCH 5/7] netfilter: nft_osf: refactor deprecated strncpy to strscpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Use `strscpy` over `strncpy` for NUL-terminated strings. We can also drop the + 1 from `NFT_OSF_MAXGENRELEN + 1` since `strscpy` will guarantee NUL-termination. Signed-off-by: Justin Stitt --- net/netfilter/nft_osf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/nft_osf.c b/net/netfilter/nft_osf.c index 70820c66b591..4844e0109a58 100644 --- a/net/netfilter/nft_osf.c +++ b/net/netfilter/nft_osf.c @@ -23,7 +23,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs, struct nft_osf *priv = nft_expr_priv(expr); u32 *dest = ®s->data[priv->dreg]; struct sk_buff *skb = pkt->skb; - char os_match[NFT_OSF_MAXGENRELEN + 1]; + char os_match[NFT_OSF_MAXGENRELEN]; const struct tcphdr *tcp; struct nf_osf_data data; struct tcphdr _tcph; @@ -45,7 +45,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs, } if (!nf_osf_find(skb, nf_osf_fingers, priv->ttl, &data)) { - strncpy((char *)dest, "unknown", NFT_OSF_MAXGENRELEN); + strscpy((char *)dest, "unknown", NFT_OSF_MAXGENRELEN); } else { if (priv->flags & NFT_OSF_F_VERSION) snprintf(os_match, NFT_OSF_MAXGENRELEN, "%s:%s", @@ -53,7 +53,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs, else strscpy(os_match, data.genre, NFT_OSF_MAXGENRELEN); - strncpy((char *)dest, os_match, NFT_OSF_MAXGENRELEN); + strscpy((char *)dest, os_match, NFT_OSF_MAXGENRELEN); } } From patchwork Tue Aug 8 22:48:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347140 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8FF7FC04FDF for ; Tue, 8 Aug 2023 22:48:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231544AbjHHWsm (ORCPT ); Tue, 8 Aug 2023 18:48:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36854 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231511AbjHHWsl (ORCPT ); Tue, 8 Aug 2023 18:48:41 -0400 Received: from mail-oo1-xc4a.google.com (mail-oo1-xc4a.google.com [IPv6:2607:f8b0:4864:20::c4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8AEFF106 for ; Tue, 8 Aug 2023 15:48:40 -0700 (PDT) Received: by mail-oo1-xc4a.google.com with SMTP id 006d021491bc7-56d46f0ac4bso8549665eaf.1 for ; Tue, 08 Aug 2023 15:48:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534920; x=1692139720; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Pvwje1x+fgK9E9IR7qsfn31Dc5XiXldAZ1Fo1xHQpAo=; b=ZowPnFVAEOQu1o/+XzT8fcaX6DHlVccwrE7gGNHkAx3YDdV+D3o7fUpYyj/vi1Ct5Q +QYJDWnAhftWiK8EgTciXmjxfJNfL1DHfcE3o+XOVVHbUUBr2oc33L84fXDKdg0spibe GZ5bqdG9qrHx/UtSzbaBTMqp6lQxfoXnPa2UM0vLrI7Zb2YiefFjL0pSu/+rNaKy1wlN XhfOQJjCKLo/y7i/PPyKhKK6HKjXtVSpBWc22UEpkQAx89z/FVCmSvgnGCxbk5FjWRbD QKj317GKJBKiDYTXPzGM5v1TxwYmVWI7QXAAaldoX9Tx9r5cTrpz+UfvZC+saxnSr//L 67Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534920; x=1692139720; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Pvwje1x+fgK9E9IR7qsfn31Dc5XiXldAZ1Fo1xHQpAo=; b=SfL4aENpvq7nBEUZD+JfH/2ysCp/hmvxt5frw6XktBVpFEkOUbw2dfJOE+pfHXukS+ liYeCvzIdtYDghtmfC3EjqPkWodSuSbGcg+q357upEUGs0k/qUeOT6PEuAsO4moX2cIK TmXsO3T4bgtdIZj15pOb2EKGiEEFp+pua0lgGqNe+Cob3izJ099GwsskdzD19k0as7k0 NmCuws2y5IgaXHThpgWOOyPURzLVt7UzTrWyQ4+4qGbh+CwzDrp/49+I6+inZ33gBqNF 0mSXmb4+9YwkUKyw58nGRfoX7osYf4dJUQJ3Gm8JDCYz3QdEiVETL1R15y4oJKbfgfOY 9dKA== X-Gm-Message-State: AOJu0YxYHN+aVjVBrc+ORw4qJ6C7VLrw+2Ce/lmEoR0bdrgmQCnTXciq 1FqEGuolJSlqh+clSB3mhpJauqq/jgJTBS8lRg== X-Google-Smtp-Source: AGHT+IFfTapulzyD7mF8uId+U6qhT9W1jzh/xLHutjoQ+baESmwt1nASohgDjGgqfc8DbSFYevzOUew1G7Fcn9bwfg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6870:5b03:b0:1bf:a06f:ce6f with SMTP id ds3-20020a0568705b0300b001bfa06fce6fmr315997oab.9.1691534919982; Tue, 08 Aug 2023 15:48:39 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:11 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1616; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=epcsNlzjLL3K9DAOvrsRp37/1eZVu8TeiuJpMs34l/Q=; b=L1P2cQc3z99LSWR/qio44oxncmlWLIBSvxY6HOu5W2BRo4B41BhDGwuAbcow63n2hPhRjceUI 9E5bGIoGP2nDYAORkqUToKLoCEdCN/nRopReeZhHhL/7pSX4tiOQrrn X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-6-efbbe4ec60af@google.com> Subject: [PATCH 6/7] netfilter: x_tables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Prefer `strscpy` to `strncpy` for use on NUL-terminated destination buffers. This fixes a potential bug due to the fact that both `t->u.user.name` and `name` share the same size. Signed-off-by: Justin Stitt --- Here's an example of what happens when dest and src share same size: | #define MAXLEN 5 | char dest[MAXLEN]; | const char *src = "hello"; | strncpy(dest, src, MAXLEN); // -> should use strscpy() | // dest is now not NUL-terminated --- net/netfilter/x_tables.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 470282cf3fae..714a38ec9055 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -768,7 +768,7 @@ void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, m->u.user.match_size = msize; strscpy(name, match->name, sizeof(name)); module_put(match->me); - strncpy(m->u.user.name, name, sizeof(m->u.user.name)); + strscpy(m->u.user.name, name, sizeof(m->u.user.name)); *size += off; *dstptr += msize; @@ -1148,7 +1148,7 @@ void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr, t->u.user.target_size = tsize; strscpy(name, target->name, sizeof(name)); module_put(target->me); - strncpy(t->u.user.name, name, sizeof(t->u.user.name)); + strscpy(t->u.user.name, name, sizeof(t->u.user.name)); *size += off; *dstptr += tsize; @@ -2014,4 +2014,3 @@ static void __exit xt_fini(void) module_init(xt_init); module_exit(xt_fini); - From patchwork Tue Aug 8 22:48:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13347141 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3848BC05051 for ; Tue, 8 Aug 2023 22:48:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231524AbjHHWso (ORCPT ); Tue, 8 Aug 2023 18:48:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36866 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231542AbjHHWsm (ORCPT ); Tue, 8 Aug 2023 18:48:42 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 942911B6 for ; Tue, 8 Aug 2023 15:48:41 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5840614b13cso6940027b3.0 for ; Tue, 08 Aug 2023 15:48:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691534921; x=1692139721; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=G9OF2QFsiP3MkrzN4gKJO5o0WhLZ6LzcN9E8K6dc8dQ=; b=Tk5sym5cRDFSry8K+vc1HytKkY3IbV6iZulQcdqzajiE0IVk3xAlVvRndUZmAf1bym qmBA/CUFS/PGUXiFjGhkccdVwoX3zHUdcOMoLvXMMUMjR8yufvUM3BMxdbZVUZUBohHJ XDd0dKfCAqHUdAGRMbnyrr4FGDyVDAC1FubuFJd7iCMUjnLDpsu9n3DTiB9Phq8Qvf0E q8U2keEGG0MEUAozFw72uG4Zvu2LbBhukIi5JUVz+Vr+B72eM5IBoS4QlmZ4vDb1Wq63 DfyTE1Qq1a9iFWqR253R9wuYjfP9rEWY7oXwiicHyPCLs7WfdwbOq9mI2Yx1daOUKLxs Jqyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691534921; x=1692139721; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=G9OF2QFsiP3MkrzN4gKJO5o0WhLZ6LzcN9E8K6dc8dQ=; b=FS+htgdxHOvuTROwBYnzOWqnnSn1Jgm0lwOyjkHRt5QglcRjRiPjZBqhGYPRA0iM9i Pm8s6kveBQHubE4b8apz6WiPocGnpdio/80UTm3hT3FJg4fIxxepE574jY+A8+HIEqR8 CXZ9EH7QsRt94gUdTdeGgDCFdN8i8S9ebDAO4RQMKLJt8oNoKvMP/xSR6UkZjmULUXEz a9Oh1OvQ61wfmZvkmHLmCs5rcdtU4Qi8CEXsODRm+900dlUzSzH0BZzaPwMwa/B3xLNt 48zJ2nxs9M9PpijHzAJDMwEgPPLTpacbqvuPtKF1fBJjK/0VnHQqKFmTKpko04KjmZjc r7Iw== X-Gm-Message-State: AOJu0YyZAPohmotRibo8soDo/6aircZhV3/kxNywlbwfhWGXFBZfKWAI OuoSHhlhSw3BrG32PiVWTH1je//c3QRaWk6BnQ== X-Google-Smtp-Source: AGHT+IGCyJW7+H01CcBpmwMLWO4IJOM2JRZefUJenQ9SapEIQSusWKx57m2Q2rpVYsPLUriKIRjxQtAgRFf96MgkCg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:b61a:0:b0:586:e91a:46c2 with SMTP id u26-20020a81b61a000000b00586e91a46c2mr107296ywh.4.1691534920928; Tue, 08 Aug 2023 15:48:40 -0700 (PDT) Date: Tue, 08 Aug 2023 22:48:12 +0000 In-Reply-To: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> Mime-Version: 1.0 References: <20230808-net-netfilter-v1-0-efbbe4ec60af@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1691534912; l=1134; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=Bp+w2rTLNgdzNlxLi9FLD4utZ4QUqpPxaPIds7U/AGY=; b=odK4V1dqN6Y308K04MH8d/MRrkeaDSd1rELzLfU+7SDbRdFBl0nXUSsw+H9Y12YsVkVDC43lj zmYSndS5Js/Dv3+IClsSCDsbs7OJ2vOQ6onFe43X7Ff2wDY/LO6DwG0 X-Mailer: b4 0.12.3 Message-ID: <20230808-net-netfilter-v1-7-efbbe4ec60af@google.com> Subject: [PATCH 7/7] netfilter: xtables: refactor deprecated strncpy From: Justin Stitt To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: linux-hardening@vger.kernel.org, Kees Cook , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Prefer `strscpy` as it's a more robust interface. There may have existed a bug here due to both `tbl->repl.name` and `info->name` having a size of 32 as defined below: | #define XT_TABLE_MAXNAMELEN 32 This may lead to buffer overreads in some situations -- `strscpy` solves this by guaranteeing NUL-termination of the dest buffer. Signed-off-by: Justin Stitt --- Note: build tested only --- net/netfilter/xt_repldata.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/xt_repldata.h b/net/netfilter/xt_repldata.h index 68ccbe50bb1e..63869fd0ec57 100644 --- a/net/netfilter/xt_repldata.h +++ b/net/netfilter/xt_repldata.h @@ -29,7 +29,7 @@ if (tbl == NULL) \ return NULL; \ term = (struct type##_error *)&(((char *)tbl)[term_offset]); \ - strncpy(tbl->repl.name, info->name, sizeof(tbl->repl.name)); \ + strscpy(tbl->repl.name, info->name, sizeof(tbl->repl.name)); \ *term = (struct type##_error)typ2##_ERROR_INIT; \ tbl->repl.valid_hooks = hook_mask; \ tbl->repl.num_entries = nhooks + 1; \