Received: by 2002:a25:b794:0:0:0:0:0 with SMTP id n20csp2354578ybh; Sun, 4 Aug 2019 23:23:58 -0700 (PDT) X-Google-Smtp-Source: APXvYqxvqrpiSDldre9CFyphAdsQxy/L5r58/bOVtcMi6PIzKwqLAVlgtJ67BWepRCCm4qT8T5pk X-Received: by 2002:a63:1d0e:: with SMTP id d14mr135111221pgd.324.1564986238628; Sun, 04 Aug 2019 23:23:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564986238; cv=none; d=google.com; s=arc-20160816; b=w9IOjmRiHDGzkm8hjQs6N5VBnJHktgrNZBMbYV61mbj3ZcS5XV75NpPEIrdbuLIu52 g9daZr09tFBl0WNG4054UKscahal98SvSGbSktM2G/rS4RQXjbnTR3piU6Gyh9B8RYg3 I1gr1/0e6a4unTwoqig6+++93ri0m5T/iS2gypC5g20XOHq9lhaaDLdr+XWRKwBSDO5c nrpwkhYJT0Cn4PnuC3/nGi8BVQDgXPC8N+djb1C78LZz2f/kYhUxP7QfxS7c9+1Kr4Wu PXYDJpTeG3Ex+wAvGJB2+4dwgnUB3gWzO06DAffVe/c3FcG6Pxn2/dDWqVaalBD2lVNO /gxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=tGdeKkO6NF7wDJ7Q5bh/TgttU4eme3KB46fSMxOwVRA=; b=sv/n0TxVFbvYXLEJibdFvGCldKIfNocdXfYFvFoMXBa3/R0R3BP9jjHoNr4tOr+xgs RXmtiqPzoJD1hC05qF8cwmFEHG10hKC726yDlfcz0KAPjmBcAcHk82h/6nLueB1u5IxF oDl436kjvNxgSe1gDFafPL/yOcU68NtUgA56GjIH6vu4yimhrK5UGI5UJNwzNf2vJo7V T+jS6nQ3PSMDDbWH4wroCtMrIdWtp5MPoL0h5UoW2qfilCTannfNJ4leau2kNDOdMMOH 2n63lo0MubENiWeoEXn4QnzaAf9iQ/yJnf9h8kgt+RFh0jyQhcQuma+LqFGbzTJaRNwa qLVA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=M9YZ2Yxq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k33si39242409pld.359.2019.08.04.23.23.43; Sun, 04 Aug 2019 23:23:58 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=M9YZ2Yxq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727458AbfHEGWx (ORCPT + 99 others); Mon, 5 Aug 2019 02:22:53 -0400 Received: from mail-ed1-f65.google.com ([209.85.208.65]:38548 "EHLO mail-ed1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727412AbfHEGWv (ORCPT ); Mon, 5 Aug 2019 02:22:51 -0400 Received: by mail-ed1-f65.google.com with SMTP id r12so42778040edo.5; Sun, 04 Aug 2019 23:22:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=tGdeKkO6NF7wDJ7Q5bh/TgttU4eme3KB46fSMxOwVRA=; b=M9YZ2YxqcdoIX7YXTDFw+22XCqU+0OIb5RpWCbwZW4THqevYUE3gzQ3/n9FCZs0Puj 8XYIDbH/DEDPGkjbGuKPUKD19eFwZRx3Ni890NOrXOe/NlO/Jby9xvzJers3NsVxnCI2 OcH6NoXkcntvuBZ8sn3drrNH/jS+JwcYehMb8OgUFStTQgwkU3ISGZT0TQvDMFr1hmgk 9UYFOVfu2hsVIQU2QLTrAPJbp0SKqhIsrGp9Qf9NDZsxI8TcFdP8DzStbDSqsQ/KDfN5 kzY8USuixdBFDnvS97LfvawcTXwFb5+6VobAHwLsTxPEhWREAPK35NLOOhknHbzUlDeO JVRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=tGdeKkO6NF7wDJ7Q5bh/TgttU4eme3KB46fSMxOwVRA=; b=lDODaL2y7DAZnf5DO0QEYL1tc2DldYPgUUTXAiVmSC5bjbF/KzT7Y73G5p5TFNxay1 IWZHOZEJtDJlmZR/WfxQLd5/R9KiB5QiktvN1i0Gx6oPww8v7KghaeztBgHVpOp2266z FlvpHt05KxlKx2gRw3TdzHsAQPSAirEHFhOzpAB9hc/g+A+/OjxFRqwMKp/9kRAWZoBm mcclRX4gl8tp+ZWN95J+mN5g/QFvCIe8qiGqiuYZ7hS+LbZb7Yc1eKVijIzHVkTF7zGw 0JJAm4rYRDPrJWYldstLpFZYJ55/lkTr73fv8Q5dM0I0fysR2um+mveZk9WmXYm/bR0J 0n6Q== X-Gm-Message-State: APjAAAWuH5oDMIdi4ePHMPaguvIeo3raKIB324pJ9aMTre+uZnP89iI4 3W/M1x/T8eBna8O6wq3jWTNCC5JhDrsUusNFXKI= X-Received: by 2002:a50:fb0a:: with SMTP id d10mr103635158edq.124.1564986169613; Sun, 04 Aug 2019 23:22:49 -0700 (PDT) MIME-Version: 1.0 References: <20190730084047.26482-1-hslester96@gmail.com> <1564498597.4300.10.camel@linux.ibm.com> In-Reply-To: <1564498597.4300.10.camel@linux.ibm.com> From: Chuhong Yuan Date: Mon, 5 Aug 2019 14:22:38 +0800 Message-ID: Subject: Re: [PATCH] scsi: 3w-sas: Fix unterminated strncpy To: James Bottomley Cc: Adam Radford , "Martin K . Petersen" , linux-scsi@vger.kernel.org, LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jul 30, 2019 at 10:56 PM James Bottomley wrote: > > On Tue, 2019-07-30 at 16:40 +0800, Chuhong Yuan wrote: > > strncpy(dest, src, strlen(src)) leads to unterminated > > dest, which is dangerous. > > I don't buy that. The structure is only used for the > TW_IOCTL_GET_COMPATIBILITY_INFO ioctl and all the fields for that are > fixed width and are copied over as such. > > > Here driver_version's len is 32 and TW_DRIVER_VERSION > > is shorter than 32. > > Therefore strcpy is OK. > > The best practice for copying a string to a fixed width destination > that does get printed within the kernel would be what the 3w-9xxx.c > does > > strlcpy(tw_dev->tw_compat_info.driver_version, TW_DRIVER_VERSION, > sizeof(tw_dev->tw_compat_info.driver_version)); > This is right, and strscpy() is better than strlcpy(). strlcpy() is deprecated now according to the documentation. I choose strcpy() since it has better performance and there is no worry of overflow here. And I find there are indeed some places using strcpy() to fix this problem, like add_man_viewer() in tools/perf/builtin-help.c. > But as I said, it doesn't really matter for a fixed width field that's > never printed within the kernel. > I think it is not good to leave a exploitable place here, and fixing it does not need much effort. Regards, Chuhong > James >