Fix the language around return values to indicate destination instead of
source.
Reported-by: Masahiro Yamada <[email protected]>
Link: https://lore.kernel.org/lkml/CAK7LNAQvQBhjYgSkvm-dVyNz2Jd2C2qAtfyRk-rngEDfjkc38g
Cc: Nick Desaulniers <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
---
This is a fix for lib-stringc-implement-stpcpy.patch in -mm.
Andrew, please note that it would be nice to get this into -rc6
to unbreak the clang builds.
Thanks!
---
lib/string.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/string.c b/lib/string.c
index 6bd0cf0fb009..32a56436c7eb 100644
--- a/lib/string.c
+++ b/lib/string.c
@@ -280,12 +280,12 @@ EXPORT_SYMBOL(strscpy_pad);
* @src: pointer to the beginning of string being copied from. Must not overlap
* dest.
*
- * stpcpy differs from strcpy in a key way: the return value is the new
- * %NUL-terminated character. (for strcpy, the return value is a pointer to
- * src. This interface is considered unsafe as it doesn't perform bounds
- * checking of the inputs. As such it's not recommended for usage. Instead,
- * its definition is provided in case the compiler lowers other libcalls to
- * stpcpy.
+ * stpcpy differs from strcpy in a key way: the return value is a pointer
+ * to the new %NUL-terminated character in @dest. (For strcpy, the return
+ * value is a pointer to the start of @dest. This interface is considered
+ * unsafe as it doesn't perform bounds checking of the inputs. As such it's
+ * not recommended for usage. Instead, its definition is provided in case
+ * the compiler lowers other libcalls to stpcpy.
*/
char *stpcpy(char *__restrict__ dest, const char *__restrict__ src);
char *stpcpy(char *__restrict__ dest, const char *__restrict__ src)
--
2.25.1
--
Kees Cook
On Sun, Sep 06, 2020 at 03:06:29AM -0700, Kees Cook wrote:
> Fix the language around return values to indicate destination instead of
> source.
>
> Reported-by: Masahiro Yamada <[email protected]>
> Link: https://lore.kernel.org/lkml/CAK7LNAQvQBhjYgSkvm-dVyNz2Jd2C2qAtfyRk-rngEDfjkc38g
> Cc: Nick Desaulniers <[email protected]>
> Signed-off-by: Kees Cook <[email protected]>
> ---
> This is a fix for lib-stringc-implement-stpcpy.patch in -mm.
>
> Andrew, please note that it would be nice to get this into -rc6
> to unbreak the clang builds.
>
> Thanks!
> ---
> lib/string.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/lib/string.c b/lib/string.c
> index 6bd0cf0fb009..32a56436c7eb 100644
> --- a/lib/string.c
> +++ b/lib/string.c
> @@ -280,12 +280,12 @@ EXPORT_SYMBOL(strscpy_pad);
> * @src: pointer to the beginning of string being copied from. Must not overlap
> * dest.
> *
> - * stpcpy differs from strcpy in a key way: the return value is the new
> - * %NUL-terminated character. (for strcpy, the return value is a pointer to
> - * src. This interface is considered unsafe as it doesn't perform bounds
> - * checking of the inputs. As such it's not recommended for usage. Instead,
> - * its definition is provided in case the compiler lowers other libcalls to
> - * stpcpy.
> + * stpcpy differs from strcpy in a key way: the return value is a pointer
> + * to the new %NUL-terminated character in @dest. (For strcpy, the return
> + * value is a pointer to the start of @dest. This interface is considered
^ need closing parenthesis
Thanks.
On Sun, Sep 06, 2020 at 12:08:09PM -0400, Arvind Sankar wrote:
> On Sun, Sep 06, 2020 at 03:06:29AM -0700, Kees Cook wrote:
> > Fix the language around return values to indicate destination instead of
> > source.
> >
> > Reported-by: Masahiro Yamada <[email protected]>
> > Link: https://lore.kernel.org/lkml/CAK7LNAQvQBhjYgSkvm-dVyNz2Jd2C2qAtfyRk-rngEDfjkc38g
> > Cc: Nick Desaulniers <[email protected]>
> > Signed-off-by: Kees Cook <[email protected]>
> > ---
> > This is a fix for lib-stringc-implement-stpcpy.patch in -mm.
> >
> > Andrew, please note that it would be nice to get this into -rc6
> > to unbreak the clang builds.
> >
> > Thanks!
> > ---
> > lib/string.c | 12 ++++++------
> > 1 file changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/lib/string.c b/lib/string.c
> > index 6bd0cf0fb009..32a56436c7eb 100644
> > --- a/lib/string.c
> > +++ b/lib/string.c
> > @@ -280,12 +280,12 @@ EXPORT_SYMBOL(strscpy_pad);
> > * @src: pointer to the beginning of string being copied from. Must not overlap
> > * dest.
> > *
> > - * stpcpy differs from strcpy in a key way: the return value is the new
> > - * %NUL-terminated character. (for strcpy, the return value is a pointer to
> > - * src. This interface is considered unsafe as it doesn't perform bounds
> > - * checking of the inputs. As such it's not recommended for usage. Instead,
> > - * its definition is provided in case the compiler lowers other libcalls to
> > - * stpcpy.
> > + * stpcpy differs from strcpy in a key way: the return value is a pointer
> > + * to the new %NUL-terminated character in @dest. (For strcpy, the return
> > + * value is a pointer to the start of @dest. This interface is considered
> ^ need closing parenthesis
>
> Thanks.
*face in hands* Yup. Andrew, do you want to poke that yourself or should
I send a fix-fix? :)
--
Kees Cook
On Sun, 6 Sep 2020 13:26:32 -0700 Kees Cook <[email protected]> wrote:
> On Sun, Sep 06, 2020 at 12:08:09PM -0400, Arvind Sankar wrote:
> > On Sun, Sep 06, 2020 at 03:06:29AM -0700, Kees Cook wrote:
> > > Fix the language around return values to indicate destination instead of
> > > source.
> > >
> > > Reported-by: Masahiro Yamada <[email protected]>
> > > Link: https://lore.kernel.org/lkml/CAK7LNAQvQBhjYgSkvm-dVyNz2Jd2C2qAtfyRk-rngEDfjkc38g
> > > Cc: Nick Desaulniers <[email protected]>
> > > Signed-off-by: Kees Cook <[email protected]>
> > > ---
> > > This is a fix for lib-stringc-implement-stpcpy.patch in -mm.
> > >
> > > Andrew, please note that it would be nice to get this into -rc6
> > > to unbreak the clang builds.
> > >
> > > Thanks!
> > > ---
> > > lib/string.c | 12 ++++++------
> > > 1 file changed, 6 insertions(+), 6 deletions(-)
> > >
> > > diff --git a/lib/string.c b/lib/string.c
> > > index 6bd0cf0fb009..32a56436c7eb 100644
> > > --- a/lib/string.c
> > > +++ b/lib/string.c
> > > @@ -280,12 +280,12 @@ EXPORT_SYMBOL(strscpy_pad);
> > > * @src: pointer to the beginning of string being copied from. Must not overlap
> > > * dest.
> > > *
> > > - * stpcpy differs from strcpy in a key way: the return value is the new
> > > - * %NUL-terminated character. (for strcpy, the return value is a pointer to
> > > - * src. This interface is considered unsafe as it doesn't perform bounds
> > > - * checking of the inputs. As such it's not recommended for usage. Instead,
> > > - * its definition is provided in case the compiler lowers other libcalls to
> > > - * stpcpy.
> > > + * stpcpy differs from strcpy in a key way: the return value is a pointer
> > > + * to the new %NUL-terminated character in @dest. (For strcpy, the return
> > > + * value is a pointer to the start of @dest. This interface is considered
> > ^ need closing parenthesis
> >
> > Thanks.
>
> *face in hands* Yup. Andrew, do you want to poke that yourself or should
> I send a fix-fix? :)
I haven't got onto the stpcpy() base patch yet, so a full resend of
a v4 would be nice please.