Received: by 2002:ac0:950c:0:0:0:0:0 with SMTP id f12csp3698108imc; Thu, 14 Mar 2019 03:16:53 -0700 (PDT) X-Google-Smtp-Source: APXvYqyA9pSVZ6MSCoBl7F2ZubSNv/nf0HXMYgEKgfAzeAKJbqv/j0C2B1aR3EFe/7NNM27r7JGu X-Received: by 2002:a62:568e:: with SMTP id h14mr50395246pfj.134.1552558613282; Thu, 14 Mar 2019 03:16:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552558613; cv=none; d=google.com; s=arc-20160816; b=pV+xWolQaiUkSSgcZzpdZUWU31yDjkTFYPn8lDnLxkAdOlOjus2AJSYr80OUqTPgXW LnVLlG+aL7+yD9URrvnYbWfw8R/ZCChbmL9X6zC9gzf5oEVRLEzcAZcj1t1A5zGgvjcj U1Q1GatcPil46dyPIbXNtpw7tB8Jk+j5Jvad4W3K20fDGlyjKq20wDLFuDO/34V1kAhh 49yqvjPO9oLhb25Y1cl77rKuaMPccQ5Er/U0KWU9XcdqimTSnKj6Wp4DCvib+PdSJjG3 DCtqPfzDSZn+A98vLzHkoFAjXJfg5V4MqY1Zu7bx5MleU+5x82jF8gdBkAc7g4fJK39D 1npw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=kfiqSQlTzHmQKcnBdIQKyixNAXkSJp2cb1nIurW9LDs=; b=MBy1U+imVIbpBZsFzmbw02UhxC0pN4BXpmvyn7bLHrMVzXdxsQrH2dGRYpH80198V8 9tCLzRJx7/OCe0x/7Zc+hW1Uk1Uo2seJN8JilK0NXUMmgvLpVcRd8EC59bzQg04AYbLd hNsnvOcO7Xin9qgOhnWDqH8cA8bAMDAlw5/1LZdLlTIc0iPCR9hPW2g5JynKJRHarR7h 58YjnuKyguFWHsBFKsUVnTuodJY5hinRI/v+cklFy+bozZQs3TQD5fG5ycrTK9rwd1I4 tx11USbstYHfPrq8K5wCy/2l+VUk0uNaQbuinLysOGBd0TIqGkz7RG82WzYL/cCUYaZS hR2A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i12si12087662pgh.183.2019.03.14.03.16.38; Thu, 14 Mar 2019 03:16:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727220AbfCNKOW (ORCPT + 99 others); Thu, 14 Mar 2019 06:14:22 -0400 Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:60555 "EHLO atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726539AbfCNKOW (ORCPT ); Thu, 14 Mar 2019 06:14:22 -0400 Received: by atrey.karlin.mff.cuni.cz (Postfix, from userid 512) id 26ACC80373; Thu, 14 Mar 2019 11:14:13 +0100 (CET) Date: Thu, 14 Mar 2019 11:14:19 +0100 From: Pavel Machek To: Rasmus Villemoes Cc: Uwe =?iso-8859-1?Q?Kleine-K=F6nig?= , Jacek Anaszewski , LKML , linux-leds@vger.kernel.org Subject: Re: [PATCH 1/4] leds: netdev trigger: use memcpy in device_name_store Message-ID: <20190314101419.GA14455@amd> References: <20190311144227.GA4404@amd> <20190313202615.22883-1-linux@rasmusvillemoes.dk> <20190313202615.22883-2-linux@rasmusvillemoes.dk> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="lrZ03NoBR/3+SXJZ" Content-Disposition: inline In-Reply-To: <20190313202615.22883-2-linux@rasmusvillemoes.dk> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --lrZ03NoBR/3+SXJZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! > If userspace doesn't end the input with a newline (which can easily > happen if the write happens from a C program that does write(fd, > iface, strlen(iface))), we may end up including garbage from a > previous, longer value in the device_name. For example >=20 > # cat device_name >=20 > # printf 'eth12' > device_name > # cat device_name > eth12 > # printf 'eth3' > device_name > # cat device_name > eth32 >=20 > I highly doubt anybody is relying on this behaviour, so switch to > simply copying the bytes (we've already checked that size is < > IFNAMSIZ) and unconditionally zero-terminate it; of course, we also > still have to strip a trailing newline. char device_name[IFNAMSIZ]; Ok, good catch reporting the bug, but are you sure the fix is right? AFAICT the design is that device_name does _not_ have to be zero terminated, and your fix incorrectly limits the size of device_name. Pavel =09 > index 3dd3ed46d473..ddc2b90ad7ec 100644 > --- a/drivers/leds/trigger/ledtrig-netdev.c > +++ b/drivers/leds/trigger/ledtrig-netdev.c > @@ -122,7 +122,8 @@ static ssize_t device_name_store(struct device *dev, > trigger_data->net_dev =3D NULL; > } > =20 > - strncpy(trigger_data->device_name, buf, size); > + memcpy(trigger_data->device_name, buf, size); > + trigger_data->device_name[size] =3D '\0'; I'd do =3D 0 for consistency with code below. I believe the strncpy() is right to use here, but code should be modified so that zero-termination is not required. > if (size > 0 && trigger_data->device_name[size - 1] =3D=3D '\n') > trigger_data->device_name[size - 1] =3D 0; > =20 Pavel --=20 (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo= g.html --lrZ03NoBR/3+SXJZ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlyKKXsACgkQMOfwapXb+vJOVQCfRaoUZM6KYRD3x+2fhWHxr/71 2FYAnR1TS3o2vz5/s0c2UMtMcMoCRdfE =Cfdv -----END PGP SIGNATURE----- --lrZ03NoBR/3+SXJZ--