Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1525808imm;
        Fri, 22 Jun 2018 19:42:53 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKLUdgaEv+0ypryeOyrqha4+KEDHSzP9Pn4XEISase3SMAKqgaM99kRm9m9Gg8sf1Gygbe0C
X-Received: by 2002:a65:4081:: with SMTP id t1-v6mr3502324pgp.32.1529721773075;
        Fri, 22 Jun 2018 19:42:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1529721773; cv=none;
        d=google.com; s=arc-20160816;
        b=ZgvGQSBU0qCe/7em6DJfuCUs/FLK5wxgl0WWUmqL5VaHBnnOzkCV1dFuXKeQ+6iDnX
         1Xvv+4MFo+FLP5vefEpq2t8hRCfJi0tWa9ulBH+ZHUO6eH5+HrvmmfCwxkKXRyFQne+P
         UdyzbJJuOMO9XlOtCY9B+Umo3svr41L3f3bBMSvoRa6g2T1BeJT9hVuiekodx/rkKVFV
         uuN0aHpJl0vHjvhZ14ZdRCKVpusXMI9WwKZScg8Xq/tzt2fAijeRLS06WQi0oDX7qkgf
         erKxZm/6vFyUH4xN28ejjip9yz3p+asj57TNFk/CG6mFMZn4Em2Ls67oPpoYa6rlNtzX
         Zitg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature
         :arc-authentication-results;
        bh=jtquc1jN/9AVahUJ+O/biPGKIbL6lgAZorLtDU6WAG0=;
        b=P2bHkssLX9m0R9PLvCPD0KIzB/+T2lulhkMW97B8YXmE18IrLtqUm4bjIQ4Hmgdpxd
         kSvcWMUxEsWKpcuaif9kGo9+gVnioXGa2hhHQu0Z4flf0SlUUqSTO/KoJ9iRBtAcyx5M
         6y2YbWZe3g+BlVcKW0LeNBDo3bUo//j20fHHF+fdZVyHa8nMgLob98j2HKkLRp+VNCGU
         ImSJxIRiMb2KlUzGyQZ+n7/QqXRaBAHhC3nc45uEJDMupJgEUlHbLpQBLc6qMmhtfb8A
         M6K11EldUp4Cp69waDKYfUXtqYggvXunips+D8iKzW0hwlcdXUbo5u8fyaPgU8TtpCpO
         W5Gw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=bgaau846;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d7-v6si9079197pfl.122.2018.06.22.19.42.37;
        Fri, 22 Jun 2018 19:42:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=bgaau846;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S934698AbeFWClx (ORCPT <rfc822;brice.berna@gmail.com>
        + 99 others); Fri, 22 Jun 2018 22:41:53 -0400
Received: from mail-pl0-f66.google.com ([209.85.160.66]:41515 "EHLO
        mail-pl0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S934625AbeFWClw (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 22 Jun 2018 22:41:52 -0400
Received: by mail-pl0-f66.google.com with SMTP id w8-v6so4288845ply.8;
        Fri, 22 Jun 2018 19:41:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:content-transfer-encoding:in-reply-to
         :user-agent;
        bh=jtquc1jN/9AVahUJ+O/biPGKIbL6lgAZorLtDU6WAG0=;
        b=bgaau846uFub8cr/N4T6viUNuxxtty+wjAUPh5BhOYSe2JkYBChqwfy50XA+VLT/kL
         O0Fac2+YsRODy7UUyzP59ec7pAR1we8jS1L3Lk5XzzoBzr/1X+3m+Ky6nADXdDEn4VoV
         vSOqNOLhdFT8iG/9lRH/fu89xf7E8NOVSSrX6hzZC515+4BYfCzpgitnJfOuJtPzqtTn
         7lq+y2wVEKa9nUupprqc8/OuGpBO/nJVx4rj+0RwXLMBcm9m1rhwoNDlhxphdboFIY+O
         BqEBlxYFqg+EKITI9tity6ZarNgyGjrAL2K5y/47P3Mg8XDv2ai6r6ckQvpz1ldM5Q2P
         dN2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:content-transfer-encoding
         :in-reply-to:user-agent;
        bh=jtquc1jN/9AVahUJ+O/biPGKIbL6lgAZorLtDU6WAG0=;
        b=s1wUMZ9esFETdSvTtUPSXJN5c/bJsNztxrbCG0VKv+gCgqnelzBRJjpW5e5QJbN1AC
         T0DSzn5mUoe6ThLD2dbj3b4o2f8qGDGwKWmXeqXvFQKpTSG4ftJ4LfkJnbfCjg46CNsh
         HMDWhuB4xk5MKLBupfhYt/xuh3W151/5YiY2gPW4pYdwoYdTLI8eUhQ+O6R3PvfbjMGc
         /IQU9tOrjdl9GIghMDjqg86VHzQFXB7OBY9cWvXzH1BEOCGzq0CKLvjAUWb29ocjfS17
         b/OcMwHMwZk8+e5+rTb3CFIvy2gcPWCw7cCcIxdkOu/TXdozCEdPxjjuiJbbLaU8OPwV
         /y0w==
X-Gm-Message-State: APt69E112WI1dzQNNNHIRGIIsObzncAv5N0aqEdVlbrCkYFo4vbs0ZNL
        OQyQHsX7koRY5LP9Z37QcFgrRIBR
X-Received: by 2002:a17:902:8d91:: with SMTP id v17-v6mr3983126plo.9.1529721711818;
        Fri, 22 Jun 2018 19:41:51 -0700 (PDT)
Received: from sol.localdomain (c-67-185-97-198.hsd1.wa.comcast.net. [67.185.97.198])
        by smtp.gmail.com with ESMTPSA id x2-v6sm12740365pfn.11.2018.06.22.19.41.50
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Fri, 22 Jun 2018 19:41:51 -0700 (PDT)
Date:   Fri, 22 Jun 2018 19:41:49 -0700
From:   Eric Biggers <ebiggers3@gmail.com>
To:     Stafford Horne <shorne@gmail.com>
Cc:     LKML <linux-kernel@vger.kernel.org>,
        Greg KH <gregkh@linuxfoundation.org>, arnd@arndb.de,
        linux-crypto@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>
Subject: Re: [RFC PATCH 1/2] crypto: Fix -Wstringop-truncation warnings
Message-ID: <20180623024149.GB880@sol.localdomain>
References: <20180623020753.27266-1-shorne@gmail.com>
 <20180623020753.27266-2-shorne@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20180623020753.27266-2-shorne@gmail.com>
User-Agent: Mutt/1.10.0 (2018-05-17)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Jun 23, 2018 at 11:07:52AM +0900, Stafford Horne wrote:
> As of GCC 9.0.0 the build is reporting warnings like:
> 
>     crypto/ablkcipher.c: In function ‘crypto_ablkcipher_report’:
>     crypto/ablkcipher.c:374:2: warning: ‘strncpy’ specified bound 64 equals destination size [-Wstringop-truncation]
>       strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>",
>       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        sizeof(rblkcipher.geniv));
>        ~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> This means the strnycpy might create a non null terminated string.  Fix this by
> limiting the size of the string copy to include the null terminator.
> 
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: Arnd Bergmann <arnd@arndb.de>
> Signed-off-by: Stafford Horne <shorne@gmail.com>
> ---
>  crypto/ablkcipher.c | 4 ++--
>  crypto/blkcipher.c  | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
> index d880a4897159..972cd7c879f6 100644
> --- a/crypto/ablkcipher.c
> +++ b/crypto/ablkcipher.c
> @@ -372,7 +372,7 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
>  
>  	strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type));
>  	strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>",
> -		sizeof(rblkcipher.geniv));
> +		sizeof(rblkcipher.geniv) - 1);
>  
>  	rblkcipher.blocksize = alg->cra_blocksize;
>  	rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
> @@ -446,7 +446,7 @@ static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
>  
>  	strncpy(rblkcipher.type, "givcipher", sizeof(rblkcipher.type));
>  	strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<built-in>",
> -		sizeof(rblkcipher.geniv));
> +		sizeof(rblkcipher.geniv) - 1);
>  
>  	rblkcipher.blocksize = alg->cra_blocksize;
>  	rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
> diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c
> index 01c0d4aa2563..f1644b5cf68c 100644
> --- a/crypto/blkcipher.c
> +++ b/crypto/blkcipher.c
> @@ -511,7 +511,7 @@ static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
>  
>  	strncpy(rblkcipher.type, "blkcipher", sizeof(rblkcipher.type));
>  	strncpy(rblkcipher.geniv, alg->cra_blkcipher.geniv ?: "<default>",
> -		sizeof(rblkcipher.geniv));
> +		sizeof(rblkcipher.geniv) - 1);
>  
>  	rblkcipher.blocksize = alg->cra_blocksize;
>  	rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize;

Your "fix" introduces an information disclosure bug, as it results in
uninitialized memory being copied to userspace.  This same broken patch was sent
by someone else too.

Maybe it would be best to just memset() the crypto_report_* structs to 0 after
declaration and then replace the strncpy()'s with strscpy()'s, even if just to
stop people from sending broken "fixes".  Do you want to do that?

- Eric