Date: Wed, 7 Mar 2018 12:54:44 -0800
From: Kees Cook
To: Greg Kroah-Hartman
Cc: linux-kernel@vger.kernel.org, Rasmus Villemoes, "Tobin C. Harding", Tycho Andersen, Oleg Drokin, Andreas Dilger, James Simmons, Dmitry Eremin, Gargi Sharma, Lustre Development List, devel@driverdev.osuosl.org, Kernel Hardening
Subject: [PATCH v2] staging: lustre: Remove VLA usage
Message-ID: <20180307205444.GA11349@beast>

The kernel would like to have all stack VLA usage removed[1]. This
switches to a simple kasprintf() instead, and in the process fixes an
off-by-one between the allocation and the sprintf (allocation did not
include NULL byte in calculation).

[1] https://lkml.org/lkml/2018/3/7/621

Signed-off-by: Kees Cook
Reviewed-by: Rasmus Villemoes
---
 drivers/staging/lustre/lustre/llite/xattr.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c
index 532384c91447..ff6fe81a4ddb 100644
--- a/drivers/staging/lustre/lustre/llite/xattr.c
+++ b/drivers/staging/lustre/lustre/llite/xattr.c
@@ -87,10 +87,10 @@ ll_xattr_set_common(const struct xattr_handler *handler, const char *name, const void *value, size_t size, int flags) { - char fullname[strlen(handler->prefix) + strlen(name) + 1]; struct ll_sb_info *sbi = ll_i2sbi(inode); struct ptlrpc_request *req = NULL; const char *pv = value; + char *fullname; __u64 valid; int rc; @@ -141,10 +141,13 @@ ll_xattr_set_common(const struct xattr_handler *handler, return -EPERM; } - sprintf(fullname, "%s%s\n", handler->prefix, name); + fullname = kasprintf(GFP_KERNEL, "%s%s\n", handler->prefix, name); + if (!fullname) + return -ENOMEM; rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode), valid, fullname, pv, size, 0, flags, ll_i2suppgid(inode), &req); + kfree(fullname); if (rc) { if (rc == -EOPNOTSUPP && handler->flags == XATTR_USER_T) { LCONSOLE_INFO("Disabling user_xattr feature because it is not supported on the server\n"); @@ -364,11 +367,11 @@ static int ll_xattr_get_common(const struct xattr_handler *handler, struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size) { - char fullname[strlen(handler->prefix) + strlen(name) + 1]; struct ll_sb_info *sbi = ll_i2sbi(inode); #ifdef CONFIG_FS_POSIX_ACL struct ll_inode_info *lli = ll_i2info(inode); #endif + char *fullname; int rc; CDEBUG(D_VFSTRACE, "VFS Op:inode=" DFID "(%p)\n", @@ -411,9 +414,13 @@ static int ll_xattr_get_common(const struct xattr_handler *handler, if (handler->flags == XATTR_ACL_DEFAULT_T && !S_ISDIR(inode->i_mode)) return -ENODATA; #endif - sprintf(fullname, "%s%s\n", handler->prefix, name); - return ll_xattr_list(inode, fullname, handler->flags, buffer, size, - OBD_MD_FLXATTR); + fullname = kasprintf(GFP_KERNEL, "%s%s\n", handler->prefix, name); + if (!fullname) + return -ENOMEM; + rc = ll_xattr_list(inode, fullname, handler->flags, buffer, size, + OBD_MD_FLXATTR); + kfree(fullname); + return rc; } static ssize_t ll_getxattr_lov(struct inode *inode, void *buf, size_t buf_size) -- 2.7.4 -- Kees Cook Pixel Security
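
Review bot: In the ll_xattr_set_common() hunk at -141, the format string passed to kasprintf() is still "%s%s\n", so the attribute name handed to md_setxattr() ends in a newline. The removed array was sized strlen(handler->prefix) + strlen(name) + 1, which leaves room for the prefix, the name and a terminator only, and that suggests the intended string is prefix plus name with no newline. If so, the "\n" is the real source of the off-by-one and the format should become "%s%s" here; if the newline is intentional, a comment saying why it belongs in the name would help.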
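
Review bot: In the ll_xattr_get_common() hunk at -411, the kasprintf() / NULL check / kfree() sequence is a second copy of the one added to ll_xattr_set_common(), including the same "%s%s\n" format. A small helper that builds the full name would keep the set and get paths from drifting apart if the format is later corrected in only one place. The changelog could also mention that this path can now return -ENOMEM, since the old sprintf() into the on-stack array could not fail at this point.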