Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1696277pxb; Mon, 22 Feb 2021 08:38:59 -0800 (PST) X-Google-Smtp-Source: ABdhPJzRg84oRA04bpiJTqIoXGPicLcS39STTceVbO47hiHPhLqt1hFcTkTXXtDPX/rC74x3JX2u X-Received: by 2002:a17:906:3b53:: with SMTP id h19mr5605247ejf.145.1614011939362; Mon, 22 Feb 2021 08:38:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1614011939; cv=none; d=google.com; s=arc-20160816; b=uFjo0hw8hjiiFEqciIshK9xHQ6HPl3W5b2Ot0PNCA+Q8z4DfbkVFJeveLP951N24/7 R5O/IkroBZZMWG4qNywBjuf0E+k57VAV6HwJFDkrJoeujxtJBjJIl/NnlYiTuerbNEoh DnOvGl47f1l5o9pKYeLVk7rS9BiIPA9eeDBwe2HiIOk+N0PhVqzetposmj+nVBODnFGr utYUi7myTfKACG05ZJaeX+L+PlAtTDygIrjUmeAqmzY2mUQS3RKlH6zw5DItdWkYnFC+ y2YrRe2vwhATxQxZ4ArtjH9GUQuNIbnO7OVLxV06aZABYLCxuAEg4PRcmpfiz3PjQBfz pBGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=CQtzj2ET+OspvcT7VasFUJh31XI2DgueE7K7chQefu0=; b=HD5tevtMv0FDusuUySbQEPOpdErM6k3yAp1VIG/T7am+bs3z9gjI2+aJ9JMl674kXi lLkLAqhLdAKLTuAE2/zt7Z2Os57sE5AVXZ052YgoXHXBuUBTK6COZqFLio0jRxEPJAOJ 5k9RlbFY79OdWWLnxi+0rkBCPNSoUUNTyXLy04W8ou2lE62j+g27nXpL65a7tXo1Uf9Y leD29NcmTg+gifNgNDbza5cirnioim8d8PDbkg/li1ZxH8NZIP4LpOIUMYIpzmtwlvnV Z6/T/O82lS9y6cNoIJM8gF2UsFSm3VDmXSMszKK+Gl1P5UPMCi9ljAu053Ycbk2jKJ/v dSGw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=google header.b=JgIAcXbm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i8si13466306ejj.286.2021.02.22.08.38.35; Mon, 22 Feb 2021 08:38:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=google header.b=JgIAcXbm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231460AbhBVQhk (ORCPT + 99 others); Mon, 22 Feb 2021 11:37:40 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58176 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230037AbhBVQhg (ORCPT ); Mon, 22 Feb 2021 11:37:36 -0500 Received: from mail-ot1-x329.google.com (mail-ot1-x329.google.com [IPv6:2607:f8b0:4864:20::329]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D05B6C061574 for ; Mon, 22 Feb 2021 08:36:55 -0800 (PST) Received: by mail-ot1-x329.google.com with SMTP id s107so12545433otb.8 for ; Mon, 22 Feb 2021 08:36:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linuxfoundation.org; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=CQtzj2ET+OspvcT7VasFUJh31XI2DgueE7K7chQefu0=; b=JgIAcXbmqnUtAzeQggrQMFDw+iRD7712f5b6XLlsNpGFq/2OH71ZR8eVPcYSvV8O9Z Q4ZFhr/HY3qIL2VVw5am2ZXMqQjcHv6oQm57icBzxpF2r/H6pUN28Ic0UVcMNAWR0oM3 Nk4pk+06r39DoxUQo5VbU8V6VX0ewSDT/6fu0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=CQtzj2ET+OspvcT7VasFUJh31XI2DgueE7K7chQefu0=; b=j+noUqOtnDKrHyr0+7K/Q76redY4xWExQkOi3/Gor4hNI2u6ZK+v0rXCoU5/yLraFl k6NQnYpsYqsQ5MMSYq921L75p5adAdoRpB4RUf9bdcIozIdB2Te3YB61lRPb86k7LAsq n9pG/dhX72DTP4FhU4zPnxu4Faz41cJZX8iyvZpPMyd8w5QzgfEYffAJj33Yj8XBwdBS 61e7gXtFyh+CIGNqSsYcvfM+l+q34i+zE9VpxHczpUARv8+ujACZPQ/Y/uJOCziFqXbP 9XpNPfNXkGyIOee+cn5SWef+ipg6GDQb0XzzajRml8LprO0fana3+DlLrX7faYIyZAYU wdEw== X-Gm-Message-State: AOAM533fDuPoSnrSdBnRm3lEzntoAXhzQ7v35pUnikHRqREI83puKzcp UuPLB9XIAmE6/4R1FSZwO7b2QQ== X-Received: by 2002:a05:6830:314d:: with SMTP id c13mr16134049ots.124.1614011814286; Mon, 22 Feb 2021 08:36:54 -0800 (PST) Received: from [192.168.1.112] (c-24-9-64-241.hsd1.co.comcast.net. [24.9.64.241]) by smtp.gmail.com with ESMTPSA id 7sm3712035oth.38.2021.02.22.08.36.51 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 22 Feb 2021 08:36:53 -0800 (PST) Subject: Re: [PATCH 00/20] Manual replacement of all strlcpy in favor of strscpy To: Romain Perier , Kees Cook , kernel-hardening@lists.openwall.com, Tejun Heo , Zefan Li , Johannes Weiner , Herbert Xu , "David S. Miller" , Jiri Pirko , Sumit Semwal , =?UTF-8?Q?Christian_K=c3=b6nig?= , Greg Kroah-Hartman , Mimi Zohar , Dmitry Kasatkin , "J. Bruce Fields" , Chuck Lever , Geert Uytterhoeven , Jessica Yu , Guenter Roeck , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , Steffen Maier , Benjamin Block , "Martin K. Petersen" , Jaroslav Kysela , Takashi Iwai , Steven Rostedt , Ingo Molnar , Jiri Slaby , Felipe Balbi , Valentina Manea , Shuah Khan , Wim Van Sebroeck Cc: cgroups@vger.kernel.org, linux-crypto@vger.kernel.org, netdev@vger.kernel.org, linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, "Rafael J. Wysocki" , linux-integrity@vger.kernel.org, linux-nfs@vger.kernel.org, linux-m68k@lists.linux-m68k.org, linux-hwmon@vger.kernel.org, linux-s390@vger.kernel.org, linux-scsi@vger.kernel.org, target-devel@vger.kernel.org, alsa-devel@alsa-project.org, linux-usb@vger.kernel.org, linux-watchdog@vger.kernel.org, linux-kernel@vger.kernel.org, Shuah Khan References: <20210222151231.22572-1-romain.perier@gmail.com> From: Shuah Khan Message-ID: <936bcf5e-2006-7643-7804-9efa318b3e2b@linuxfoundation.org> Date: Mon, 22 Feb 2021 09:36:51 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <20210222151231.22572-1-romain.perier@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2/22/21 8:12 AM, Romain Perier wrote: > strlcpy() copy a C-String into a sized buffer, the result is always a > valid NULL-terminated that fits in the buffer, howerver it has severals > issues. It reads the source buffer first, which is dangerous if it is non > NULL-terminated or if the corresponding buffer is unbounded. Its safe > replacement is strscpy(), as suggested in the deprecated interface [1]. > > We plan to make this contribution in two steps: > - Firsly all cases of strlcpy's return value are manually replaced by the > corresponding calls of strscpy() with the new handling of the return > value (as the return code is different in case of error). > - Then all other cases are automatically replaced by using coccinelle. > Cool. A quick check shows me 1031 strscpy() calls with no return checks. All or some of these probably need to be reviewed and add return checks. Is this something that is in the plan to address as part of this work? thanks, -- Shuah