Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2487851imm;
        Thu, 19 Jul 2018 22:41:59 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpfPXH6Zcu0YYXz1uwMCLSKT237SQLkwMs0Bjwavy2NX20GMnPScsJsFTiFuRs9Cm3ELupx8
X-Received: by 2002:a63:8042:: with SMTP id j63-v6mr715402pgd.230.1532065319150;
        Thu, 19 Jul 2018 22:41:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1532065319; cv=none;
        d=google.com; s=arc-20160816;
        b=oK8zCF3mj00mWF8N3GtjatqAwDdjhFFZpLKF1yaOcdtemjc6uWd51yg8G03zQpM26l
         fcfcGQcI8OkCnM2eAd8e7tMweMdOoOQCT2ntG6Nt3nANPUEI5bYjNeShDP3AV/+f/HXl
         ypnLSxSHG04zOe9o65f+JeleJw/v6fK6ZpPMfswHUgjBz+lW8PGfoXoZQbEE8ZNtQJtu
         R5Lch/8q2saCfj8PsXUxTDYaUd5VdyO5vi7jY7LVcUPS7qk1TCUGpodsfp9w42NJqFiY
         iHZ4I1dTyD8so7coVNEeAkmQuBUZdIaAFttrvEte1SLwBy8UtI0QNvqfdReY8hYyLP07
         OhuA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=rCYUSRXeCrH165MEuw+wTKR8igCUCrL/lxt/p6F6WKU=;
        b=PEZicVsbN6SZDpqSz+KnWigcELYeyivDSWdlgiPr2gqXFsKHgpO0Sj9FvFtmOuw5j9
         Ci7lk0PpGjVNJRkYKxA9oaqOl4yy7L9RK02OxXHTQwycmSyaa5S6efG/iCfcDu0SctVR
         eFd7+qJ7mngkrcmRtk+3tfha75j5aKp+/szHQEHUNy2SVxGi0I9hnw986BW7zNuY8a4j
         xYiR9D93eqN64tz5hBB5hWQM7bD8dAfDIeByV8itRgJzqTHZnH5PR9kQddcBIh79+G2G
         T14kstaHdS2OvOl3jRAiVqB/KKL4g3fS3ShsXXViKzzbYiaE3dcsyLrKcrZ9XwOCkxiZ
         E0fg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z11-v6si988081pfd.357.2018.07.19.22.41.42;
        Thu, 19 Jul 2018 22:41:59 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727219AbeGTG1h (ORCPT <rfc822;michael.k.kehoe@gmail.com>
        + 99 others); Fri, 20 Jul 2018 02:27:37 -0400
Received: from nautica.notk.org ([91.121.71.147]:46847 "EHLO nautica.notk.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727156AbeGTG1g (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 20 Jul 2018 02:27:36 -0400
Received: by nautica.notk.org (Postfix, from userid 1001)
        id 1F8FCC009; Fri, 20 Jul 2018 07:41:05 +0200 (CEST)
Date:   Fri, 20 Jul 2018 07:40:50 +0200
From:   Dominique Martinet <asmadeus@codewreck.org>
To:     Julia Lawall <julia.lawall@lip6.fr>
Cc:     Masahiro Yamada <yamada.masahiro@socionext.com>,
        Ville =?utf-8?B?U3lyasOkbMOk?= <ville.syrjala@linux.intel.com>,
        Gilles Muller <Gilles.Muller@lip6.fr>,
        Nicolas Palix <nicolas.palix@imag.fr>,
        Michal Marek <michal.lkml@markovi.net>, cocci@systeme.lip6.fr,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3] coccinelle: suggest replacing strncpy+truncation by
 strscpy
Message-ID: <20180720054050.GA32233@nautica>
References: <1531555951-9627-1-git-send-email-asmadeus@codewreck.org>
 <1532047018-23754-1-git-send-email-asmadeus@codewreck.org>
 <alpine.DEB.2.20.1807200731240.2349@hadrien>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <alpine.DEB.2.20.1807200731240.2349@hadrien>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Julia Lawall wrote on Fri, Jul 20, 2018:
> > strscpy does however not clear the end of the destination buffer, so
> > there is a risk of information leak if the full buffer is copied as is
> > out of the kernel - this needs manual checking.
> 
> As fasr as I can tell from lkml, only one of these patches has been
> accepted?  There was also a concern about an information leak that there
> was no response to.  Actually, I would prefer that more of the generated
> patches are accepted before accepting the semantic patch, for something
> that is not quite so obviously correct.

As I'm pointing to the script which generated the patch in the generated
patches, I got told that it would be better to get the coccinelle script
accepted first, and asked others to hold on taking the patches at
several places - I didn't resend any v2 of these with strscpy yet mostly
for that reason.


There were concerns for information leaks that I believe I adressed in
the specific patch that was pointed out by the concern (I might have
missed some?), but I'll take the time to check all the patches
individually before resending as well as filling in better commit
messages which also was one of the main concerns.

I'm however a bit stuck if I'm waiting for the cocinelle script to be
accepted to resend the patches, but you're waiting for the individual
patches to be accepted to take the script... :)


I guess there is no value in the script landing first by itself, I'll
just remove the script path from the commit messages and resend the
first few this weekend.

-- 
Dominique Martinet