Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp9806674ybi; Wed, 24 Jul 2019 10:15:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqzivQbfJnKph98I3zHUDFT4gXFZAvGzc7bssfpi58LYiYKKG4DmjdK54PBldP7Ka3Bxmepc X-Received: by 2002:a62:7a8a:: with SMTP id v132mr12330383pfc.103.1563988546068; Wed, 24 Jul 2019 10:15:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563988546; cv=none; d=google.com; s=arc-20160816; b=juL3mdckRchBdP6pKnWwq3GtHOxZVBpDkH7UUNl3qKnf+/zV26kDF/Lv9GqBP6BTAZ +NDH2QYC1Z9AA3CSo8OAWvpYVlYEpsqmLePQ4mBm+DUr8W0pYlV9/4onJ7KFt3b94Lkg aF2EJgibtwSJug+QpIZUy5Znj50rPGOz+PFYOEI7qpOYCrx/p7U6SSqE1G6x1w9xyrgr rJ+JzE3eYjX1S/DRYDyVQ8SOxk835fvLAEBHwxxqenftf4fTGq1fMfdNRUZSQutkpIBU aUjam6JrX4RMztnLEo0afHedOI5+n0PUomcKhuzsWyPTAf4Bqvrm+ad+JZTIVi+vI79j l+VQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=U8cl4nVt9icJqK0yFnx5TQc7gNHvGEAy+pPaBq+pmC0=; b=IPQVvMY4FfyQasFSZXCemIlMhyo4pSfQbzsvwC5ozx+JZfboKX0lcblWA5GOWRTL0q g7ts+6moZWc3U3Jr7OyasUgLhfQBg5NbGPBs0R3QK+/dfMTfioqb+mdvLEr5K+zSxuFe 42bWjn8gAGApr0dJ5gi2Nt5iwqFS6qKhlUaDYzoZ+gO4+0uSeKVYJ4X9QJ7OkOO/sD63 0ittCuxhSEJnuc/c9cObqhlGk0QctqiCyhYfrVTjd5ZX5IzkKr9nTom7YPgvQrrhCuHZ vTJ/26wyw9tGH5bo4UdwiMXI9qGjnpmS9umzY04Nc1K/jTKroWXDSxUK0JRLX6buJs5t jhYQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=cBh9ReMV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f32si13160811pje.70.2019.07.24.10.15.30; Wed, 24 Jul 2019 10:15:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=cBh9ReMV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727572AbfGXRJT (ORCPT + 99 others); Wed, 24 Jul 2019 13:09:19 -0400 Received: from mail-lj1-f193.google.com ([209.85.208.193]:43583 "EHLO mail-lj1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726316AbfGXRJS (ORCPT ); Wed, 24 Jul 2019 13:09:18 -0400 Received: by mail-lj1-f193.google.com with SMTP id y17so20670693ljk.10 for ; Wed, 24 Jul 2019 10:09:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=U8cl4nVt9icJqK0yFnx5TQc7gNHvGEAy+pPaBq+pmC0=; b=cBh9ReMV8eGmBOSMW8Zb37lV8BeNSV/1KWRwZgRg4j0iO5KN3WnhA2Qu32ZWEKD+eQ EXrde2G7KNiEvgfnjmcRw4+n9RJPOxSJ6KCiK+lXaNn2j190ZQQ0Dnj+r9+0owvXalW+ XrJXduBhJmMLWWMH9L/vZIpTPzMtHlHQbeDsE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=U8cl4nVt9icJqK0yFnx5TQc7gNHvGEAy+pPaBq+pmC0=; b=cDWNq5N+E+TxYsk3IYKAWoth78u9ofh8pEe6U3x+qDInmqZs/OEMlLUPLx0p77hzXW 8+DYxPxhnbTidi276KHJiahAY0HdBg4aTFg/EyfVuKvabVukfFD2YQJXKyNUQ3CP2fKM YX42J8zCrco7Y2eB7dQR29aMVH3ph7FUJbtISiDPyxOKA74ShyhTEh1IXdpTEOnYgdB0 86wwBCEvGE5wcSYOIVNN6F4nM5q4i+bn1DxUP9TFKUTVv4tWvtU338NZhx1/y7Z9/zm3 V4BjdPk/TEqTiS1a7kS9nX10X5e2I+RKjs/e3Vkb4cLTMFwvCSZkRKIqBNLjbE/xIEg8 TjxQ== X-Gm-Message-State: APjAAAWejZHljTk9XarzaRisY3WoXAuHXYWqVvov0F31Oj3tbDMk9blz uB2rmk9tQ0aqwJySxFXjRvE5ZoBNGeo= X-Received: by 2002:a2e:86c1:: with SMTP id n1mr43123719ljj.162.1563988156207; Wed, 24 Jul 2019 10:09:16 -0700 (PDT) Received: from mail-lj1-f175.google.com (mail-lj1-f175.google.com. [209.85.208.175]) by smtp.gmail.com with ESMTPSA id y25sm9632853lja.45.2019.07.24.10.09.13 for (version=TLS1_3 cipher=AEAD-AES128-GCM-SHA256 bits=128/128); Wed, 24 Jul 2019 10:09:13 -0700 (PDT) Received: by mail-lj1-f175.google.com with SMTP id i21so45253653ljj.3 for ; Wed, 24 Jul 2019 10:09:13 -0700 (PDT) X-Received: by 2002:a2e:9bc6:: with SMTP id w6mr44754092ljj.156.1563988153239; Wed, 24 Jul 2019 10:09:13 -0700 (PDT) MIME-Version: 1.0 References: <7ab8957eaf9b0931a59eff6e2bd8c5169f2f6c41.1563841972.git.joe@perches.com> <5ffdbf4f87054b47a2daf23a6afabecf@AcuMS.aculab.com> <396d1eed-8edf-aa77-110b-c50ead3a5fd5@rasmusvillemoes.dk> In-Reply-To: <396d1eed-8edf-aa77-110b-c50ead3a5fd5@rasmusvillemoes.dk> From: Linus Torvalds Date: Wed, 24 Jul 2019 10:08:57 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 1/2] string: Add stracpy and stracpy_pad mechanisms To: Rasmus Villemoes Cc: Yann Droneaud , David Laight , Joe Perches , "linux-kernel@vger.kernel.org" , Jonathan Corbet , Stephen Kitt , Kees Cook , Nitin Gote , "jannh@google.com" , "kernel-hardening@lists.openwall.com" , Andrew Morton Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 24, 2019 at 6:09 AM Rasmus Villemoes wrote: > > The kernel's snprintf() does not behave in a non-standard way, at least > not with respect to its return value. Note that the kernels snprintf() *does* very much protect against the overflow case - not by changing the return value, but simply by having /* Reject out-of-range values early. Large positive sizes are used for unknown buffer sizes. */ if (WARN_ON_ONCE(size > INT_MAX)) return 0; at the very top. So you can't actually overflow in the kernel by using the repeated offset += vsnprintf( .. size - offset ..); model. Yes, it's the wrong thing to do, but it is still _safe_. Linus