Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1643334pxb; Mon, 22 Feb 2021 07:20:16 -0800 (PST) X-Google-Smtp-Source: ABdhPJwzIGsL0LxDMXSRC38Yc2OKqbR4+NbDjh2WvERaEGjpVJ/MjCCfwqAqRdfmcSrnVrjk6Sov X-Received: by 2002:a17:906:17c3:: with SMTP id u3mr20827169eje.304.1614007215747; Mon, 22 Feb 2021 07:20:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1614007215; cv=none; d=google.com; s=arc-20160816; b=n7y9KvaBHAdJOIzn3P0OGzKUTijEUV8h8t1PQYex2Q/b2+dFBk9ZJx58XNKZlUB6+C VOqlG8Srxtv8if+DChlIWDjyiZNGLLX6HC2j9/7X5TYMSwePr6VfoPXy+AjzkG75VSpY Kf5qlVCigazIJe8K+1emSPZOgyS20lIvUiHR39vswc9XhWkmGV2J2W5gOuX8pQ6Rd9Vk UOI3hV20qDSBlLBc617UWhRnh0lVtI8eRs4qlPvJfYOGeOOUmjXnVL2ljJfAMA8wNfuZ Uq24Lkhfms1LaqVTiC3blJC0yttek2kchEWkDp98czeKzsLUoH5sxvGUp4Zp4dBUXoyT HoCA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=d9B3We5q5jUlMWnG7lj9lYkkhNy18/R2y/H2GADaTPU=; b=bXnfVV5He0o3RB1xjIRIK1VHbRPtnGJ4/oygeTiP9sArtfr2GpbZyevGYnKcGi0svv RmkRwRhLg1gL97nCFHPOPQksN7IxhyaaLrjYymOojxdcSHe5qPpl4WHY0ffns2fE4lrn 4yTFiLYnci8J94AVIngw5qqOKwJYS8bJoXUbCBfaAJP6hrR58Zk6bdE86l0sU9xIQEUT lY56cm/5YpBKch/+YXIp9FyaSctGVkNHS6uLvU/i5QGtxCqfCrnoCOq6VSxSP4SxB5JY Cr9JnNQzrWr0zIyQQuti/90ZApSNYkbN8jUGmPxSBExKJIqwY9Psqq4hyCHYoA81a2XX uXqw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=J2kQ3vgV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r3si12262109ejz.664.2021.02.22.07.19.52; Mon, 22 Feb 2021 07:20:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=J2kQ3vgV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231255AbhBVPTQ (ORCPT + 99 others); Mon, 22 Feb 2021 10:19:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40118 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231263AbhBVPOK (ORCPT ); Mon, 22 Feb 2021 10:14:10 -0500 Received: from mail-wm1-x332.google.com (mail-wm1-x332.google.com [IPv6:2a00:1450:4864:20::332]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F33CDC06121C for ; Mon, 22 Feb 2021 07:12:55 -0800 (PST) Received: by mail-wm1-x332.google.com with SMTP id i7so84447wmb.0 for ; Mon, 22 Feb 2021 07:12:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=d9B3We5q5jUlMWnG7lj9lYkkhNy18/R2y/H2GADaTPU=; b=J2kQ3vgVupU7YxCo469wvYqdCl6XIMH1CifuQ6lqo0nfRC2HC6qL/Hu7pPCFG3wVO1 AJazkQBjIjycD2lZ2tVJtpvRGnBbWvjygTtzO12wMEmdOoqMIugwge6SiA/Mm5obxsQr xXpUUBL9z6E+LMv2K1hQSqXMteumLji9331jU57wo5EZTBponbsQF1QtOv3ibUuWxkHO N+SUraB7WMmiVjmFhmv9Mgg65zS+YNWiqPx1ByHJvn7Sdk/lEeXk5zzivUQgdj8w8ky2 bFKG71ukVVa4UrLln4GZ/r1c+3Q5U1+p6+5vMMXCIASLnj7jIEcdH8m4E+FqvfH3U3Ey dkvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=d9B3We5q5jUlMWnG7lj9lYkkhNy18/R2y/H2GADaTPU=; b=qVy7jIz1ywjQ+axfnjmGFk3ttkrvkfUHmF5EF9nWC7jI/0/xl3dsQbq/75SATSqam1 fjAgyifa7qub9xFQ6A42dy4/y8Ajv8o9PaIcKiw+X0Cfhk8+p6ys/UfKvjOambXl3vRg aevrSuGSDa0quND6ILvDrleODqdFy7yG2hUkbqUgk/oh6mX0Wwu+3i1gVOWuK8V6yZsa sRHCaXWIZqiRr8s/6QtqomlypPRFdNhPfcyBvXDEAZs/bS5BsMSw+lSuWVW899TylWqc ZxyO370ZapJ1KzQWoQHu5WDha8LWrzSEm89nGGrhhALg+XHqIBpl16y9umnVRkVvwml4 BSBg== X-Gm-Message-State: AOAM5314Hucg6RE7L8kxEzq4pjbrdmhj4gFtC6Dhf3K+6punNJIFkptC Dw08+Xs6JNk3QyVEgv2ReZpxq9HmtgfCKheQqFY= X-Received: by 2002:a1c:1bc4:: with SMTP id b187mr20410506wmb.18.1614006774481; Mon, 22 Feb 2021 07:12:54 -0800 (PST) Received: from debby (176-141-241-253.abo.bbox.fr. [176.141.241.253]) by smtp.gmail.com with ESMTPSA id j29sm4279343wrd.21.2021.02.22.07.12.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Feb 2021 07:12:54 -0800 (PST) From: Romain Perier To: Kees Cook , kernel-hardening@lists.openwall.com, Jessica Yu Cc: Romain Perier , linux-kernel@vger.kernel.org Subject: [PATCH 10/20] module: Manual replacement of the deprecated strlcpy() with return values Date: Mon, 22 Feb 2021 16:12:21 +0100 Message-Id: <20210222151231.22572-11-romain.perier@gmail.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210222151231.22572-1-romain.perier@gmail.com> References: <20210222151231.22572-1-romain.perier@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The strlcpy() reads the entire source buffer first, it is dangerous if the source buffer lenght is unbounded or possibility non NULL-terminated. It can lead to linear read overflows, crashes, etc... As recommended in the deprecated interfaces [1], it should be replaced by strscpy. This commit replaces all calls to strlcpy that handle the return values by the corresponding strscpy calls with new handling of the return values (as it is quite different between the two functions). [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy Signed-off-by: Romain Perier --- kernel/module.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/kernel/module.c b/kernel/module.c index 4bf30e4b3eaa..46aad8e92a81 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -2814,6 +2814,7 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) Elf_Sym *dst; char *s; Elf_Shdr *symsec = &info->sechdrs[info->index.sym]; + ssize_t len; /* Set up to point into init section. */ mod->kallsyms = mod->init_layout.base + info->mod_kallsyms_init_off; @@ -2841,8 +2842,9 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) mod->kallsyms->typetab[i]; dst[ndst] = src[i]; dst[ndst++].st_name = s - mod->core_kallsyms.strtab; - s += strlcpy(s, &mod->kallsyms->strtab[src[i].st_name], + len = strscpy(s, &mod->kallsyms->strtab[src[i].st_name], KSYM_NAME_LEN) + 1; + s += (len != -E2BIG) ? len : 0; } } mod->core_kallsyms.num_symtab = ndst;