References: <1527573427-16569-1-git-send-email-nick.desaulniers@gmail.com>
From: Nick Desaulniers
Date: Tue, 29 May 2018 19:01:35 -0700
Subject: Re: [PATCH] kdb: prefer strlcpy to strncpy
To: Arnd Bergmann
Cc: Jason Wessel, Daniel Thompson, Randy Dunlap, Baolin Wang, "Eric W. Biederman", kgdb-bugreport@lists.sourceforge.net, Linux Kernel Mailing List, ebiggers@google.com
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, May 29, 2018 at 12:57 AM, Arnd Bergmann wrote:
> On Tue, May 29, 2018 at 7:57 AM, Nick Desaulniers wrote:
>> Fixes stringop-truncation and stringop-overflow warnings from gcc-8.
>
> That patch description should really explain whether gcc is right or not. What's
> the worst thing that could happen here?
>
> I would also recommend citing the exact warning you got.
>
>> diff --git a/kernel/debug/kdb/kdb_io.c b/kernel/debug/kdb/kdb_io.c >> index ed5d349..b5dfff1 100644 >> --- a/kernel/debug/kdb/kdb_io.c >> +++ b/kernel/debug/kdb/kdb_io.c 
>> @@ -443,7 +443,7 @@ static char *kdb_read(char *buffer, size_t bufsize) >> char *kdb_getstr(char *buffer, size_t bufsize, const char *prompt) >> { >> if (prompt && kdb_prompt_str != prompt) >> - strncpy(kdb_prompt_str, prompt, CMD_BUFLEN); >> + strlcpy(kdb_prompt_str, prompt, CMD_BUFLEN); >> kdb_printf(kdb_prompt_str); >> kdb_nextline = 1; /* Prompt and input resets line number */ >> return kdb_read(buffer, bufsize); >> diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c >> index e405677..c30a0d8 100644 >> --- a/kernel/debug/kdb/kdb_main.c >> +++ b/kernel/debug/kdb/kdb_main.c >> @@ -1103,12 +1103,12 @@ static int handle_ctrl_cmd(char *cmd) >> case CTRL_P: >> if (cmdptr != cmd_tail) >> cmdptr = (cmdptr-1) % KDB_CMD_HISTORY_COUNT; >> - strncpy(cmd_cur, cmd_hist[cmdptr], CMD_BUFLEN); >> + strlcpy(cmd_cur, cmd_hist[cmdptr], CMD_BUFLEN); >> return 1; >> case CTRL_N: >> if (cmdptr != cmd_head) >> cmdptr = (cmdptr+1) % KDB_CMD_HISTORY_COUNT; >> - strncpy(cmd_cur, cmd_hist[cmdptr], CMD_BUFLEN); >> + strlcpy(cmd_cur, cmd_hist[cmdptr], CMD_BUFLEN); >> return 1; >> } >> return 0; > > Those three all look good. > >> diff --git a/kernel/debug/kdb/kdb_support.c b/kernel/debug/kdb/kdb_support.c >> index 990b3cc..dcfbf8f 100644 >> --- a/kernel/debug/kdb/kdb_support.c >> +++ b/kernel/debug/kdb/kdb_support.c 
>> @@ -236,7 +236,7 @@ int kallsyms_symbol_next(char *prefix_name, int flag) >> >> while ((name = kdb_walk_kallsyms(&pos))) { >> if (strncmp(name, prefix_name, prefix_len) == 0) { >> - strncpy(prefix_name, name, strlen(name)+1); >> + strlcpy(prefix_name, name, prefix_len); >> return 1; >> }
>
> I don't know what this does, but you are changing the behavior: the previous
> 'strlen(name)+1' argument was the size of the source string (which makes
> the strncpy() behave the same as a plain strcpy()), the new one means
> we only copy at most as many bytes as the previous length of the destination
> string.
>
> Is that intended? If yes, better explain it in the patch description.
>
> Arnd

Eric points out that this will leak kernel memory if size is less than sizeof src.
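
Review bot: In kdb_getstr() (kernel/debug/kdb/kdb_io.c) the bound passed to strlcpy() is the constant CMD_BUFLEN, and the declaration of kdb_prompt_str is not visible in this hunk, so the copy is only safe if that buffer is declared with exactly that size. If kdb_prompt_str is an array, sizeof(kdb_prompt_str) would tie the bound to the destination. An over-long prompt is now cut off silently; strlcpy() returns strlen(prompt), so comparing the return value against the bound would detect it.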
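
Review bot: Both replaced calls in handle_ctrl_cmd() (kernel/debug/kdb/kdb_main.c) change what happens to the tail of cmd_cur and how the source is read, and the commit message mentions neither. strncpy() zero-filled cmd_cur up to CMD_BUFLEN, while strlcpy() stops after the terminator and leaves whatever an earlier, longer command put in the rest of the buffer. strlcpy() also runs strlen() on cmd_hist[cmdptr], so every history slot has to be NUL-terminated, where strncpy() never read past CMD_BUFLEN bytes. Please confirm both hold for the code that fills cmd_hist and reads cmd_cur, and say so in the description.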
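
Review bot: In kallsyms_symbol_next() (kernel/debug/kdb/kdb_support.c) the new bound prefix_len describes the prefix that was matched, not the capacity of prefix_name, so the call no longer completes the symbol. The strncmp() above it has just established that the first prefix_len bytes of name equal the prefix, and strlcpy() copies at most size minus one bytes before terminating, so prefix_name ends up as the old prefix with its last character removed. The definition of prefix_len is not in the visible lines; this assumes it is the length of prefix_name, as its use in strncmp() suggests. The bound should be the size of the buffer behind prefix_name, which the function does not currently receive; passing it in as an extra argument would let strlcpy() bound the copy correctly.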
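
The behaviour change Arnd describes for the kdb_support.c call, as an added user-space example (not code from the patch or the kernel). demo_strlcpy is a local stand-in with strlcpy() semantics, complete_bounded and its buf_size parameter are hypothetical, and the prefix and symbol strings are constructed sample input.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in with strlcpy() semantics: copy at most size-1 bytes, always
 * terminate when size > 0, return strlen(src) so truncation is detectable. */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);

    if (size) {
        size_t n = len < size - 1 ? len : size - 1;

        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Original call: the bound is the source length, so it acts like strcpy(). */
static void complete_old(char *prefix_name, const char *name)
{
    strncpy(prefix_name, name, strlen(name) + 1);
}

/* Patched call: the bound is the length of the prefix typed so far. */
static size_t complete_patched(char *prefix_name, const char *name)
{
    return demo_strlcpy(prefix_name, name, strlen(prefix_name));
}

/* Hypothetical variant: bound by the capacity of the destination buffer. */
static size_t complete_bounded(char *prefix_name, size_t buf_size,
                               const char *name)
{
    return demo_strlcpy(prefix_name, name, buf_size);
}

int main(void)
{
    /* Constructed sample: typed prefix "kdb_pr", matching symbol "kdb_printf". */
    char a[32] = "kdb_pr", b[32] = "kdb_pr", c[8] = "kdb_pr";

    complete_old(a, "kdb_printf");
    complete_patched(b, "kdb_printf");
    if (complete_bounded(c, sizeof(c), "kdb_printf") >= sizeof(c))
        puts("bounded copy truncated");
    printf("old=%s patched=%s bounded=%s\n", a, b, c);
    return 0;
}
```

The original call is only safe while the destination is at least strlen(name)+1 bytes, which is what the gcc-8 warning is about; the bounded variant truncates instead and reports it through the return value.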