Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753850AbdCBGOR (ORCPT ); Thu, 2 Mar 2017 01:14:17 -0500 Received: from shards.monkeyblade.net ([184.105.139.130]:56962 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751155AbdCBGOO (ORCPT ); Thu, 2 Mar 2017 01:14:14 -0500 Date: Wed, 01 Mar 2017 20:57:52 -0800 (PST) Message-Id: <20170301.205752.2006881054868352173.davem@davemloft.net> To: glider@google.com Cc: dvyukov@google.com, kcc@google.com, edumazet@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: Re: [PATCH v4] net: don't call strlen() on the user buffer in packet_bind_spkt() From: David Miller In-Reply-To: <20170301115720.99985-1-glider@google.com> References: <20170301115720.99985-1-glider@google.com> X-Mailer: Mew version 6.7 on Emacs 25.1 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 01 Mar 2017 20:57:53 -0800 (PST) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 659 Lines: 18 From: Alexander Potapenko Date: Wed, 1 Mar 2017 12:57:20 +0100 > KMSAN (KernelMemorySanitizer, a new error detection tool) reports use of > uninitialized memory in packet_bind_spkt(): ... > This happens because addr.sa_data copied from the userspace is not > zero-terminated, and copying it with strlcpy() in packet_bind_spkt() > results in calling strlen() on the kernel copy of that non-terminated > buffer. > > Signed-off-by: Alexander Potapenko > --- > Changes since v3: > - addressed comments by Eric Dumazet (avoid using constants, > use memcpy() instead of strncpy()) Applied and queued up for -stable.