Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp2081759pxt; Sun, 8 Aug 2021 10:50:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxm3MvaJfagPeitN+lMFM7AqpGKSvNXzx4meuCKmKHfUsQ0B/4uDbPWXCD+P9q9yVr0D/mu X-Received: by 2002:a05:6402:40f:: with SMTP id q15mr25182838edv.86.1628445027821; Sun, 08 Aug 2021 10:50:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628445027; cv=none; d=google.com; s=arc-20160816; b=SLBC0y4vvFakPbqZrmiakXqi5c61DvT2XhzUzyXF2aFluvaP/K/BjLlrrgMZKvXNiJ rbd3z0vEEZFUkjs94ifteNPxHvpoMU8CJ2ryBkQ97HoMlB0exyUe/aqjE26d0McPtfOb 5NUOQttMKr39/wrHT3GoOGAFk90aMiVxiSyedwMD+qtB32OoR2SnCuoVt6vYyxedGWg5 WO8MUU/VS8rVJYmJUx4KQ9DsLFReI9maC0gQ/KPNjrdkNe4/TB2i4scovmZGh4j9c1L3 nhggkPG2gVf7xy/1zyH3273h8UWwbBS1T/WQ6lta4VQXWGL7IZ7EQL4rrkhiEE1qQ2RG HJTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=biN7tO+vOoPT9CPOPGb5vY+3+YhxtedhlkRSQUZJT0Q=; b=FNgc9mdgg1tkZv5HK2GdrNgDx1I8b1eX7BuN93NWmVtAxoRe8hzrZk7pcIEVtyxo3N 4lAUkj4BVM8NkTylWrEkHdsoVeKZvWqm+H9ojWYwR/o12xVw0O+6hwytt5Qzizk7Ea8n uHvY1lI/UCrImN+8+ZOk/CScHNOSEqa3sn9435E2PHddigQiFUH/qInnmd1okO8fE/4g C/qgjsD6JiH4GqEQB2CiWu03X0QE7B773LpoINu1ZmiqRlwRV+X9fChjrbw4EqXBHIcx mJfIMGBfhCvV9CfD/GumbkbDgEdW1/8wtvqIecDFk99GxUPdw+Nq99dAV07bjBH69TL9 wcug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w14si1309715edl.215.2021.08.08.10.50.03; Sun, 08 Aug 2021 10:50:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232156AbhHHRHC (ORCPT + 99 others); Sun, 8 Aug 2021 13:07:02 -0400 Received: from smtp13.smtpout.orange.fr ([80.12.242.135]:39793 "EHLO smtp.smtpout.orange.fr" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232113AbhHHRHB (ORCPT ); Sun, 8 Aug 2021 13:07:01 -0400 Received: from [192.168.1.18] ([90.126.253.178]) by mwinf5d75 with ME id f56W250073riaq20356WZB; Sun, 08 Aug 2021 19:06:40 +0200 X-ME-Helo: [192.168.1.18] X-ME-Auth: Y2hyaXN0b3BoZS5qYWlsbGV0QHdhbmFkb28uZnI= X-ME-Date: Sun, 08 Aug 2021 19:06:40 +0200 X-ME-IP: 90.126.253.178 Subject: Re: [PATCH v4 2/3] drivers/soc/renesas: Prefer memcpy over strcpy To: Bernd Petrovitsch , Len Baker , Andy Gross , Bjorn Andersson , Geert Uytterhoeven , Magnus Damm , Santosh Shilimkar Cc: Kees Cook , David Laight , Robin Murphy , linux-hardening@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-renesas-soc@vger.kernel.org, linux-arm-kernel@lists.infradead.org References: <20210808125012.4715-1-len.baker@gmx.com> <20210808125012.4715-3-len.baker@gmx.com> <39485c0e-511c-50a0-83be-f9ce6fc47e67@petrovitsch.priv.at> From: Christophe JAILLET Message-ID: Date: Sun, 8 Aug 2021 19:06:30 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <39485c0e-511c-50a0-83be-f9ce6fc47e67@petrovitsch.priv.at> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, Le 08/08/2021 à 17:35, Bernd Petrovitsch a écrit : > Hi all! > > On 08/08/2021 14:50, Len Baker wrote: >> strcpy() performs no bounds checking on the destination buffer. This >> could result in linear overflows beyond the end of the buffer, leading >> to all kinds of misbehaviors. So, use memcpy() as a safe replacement. >> >> This is a previous step in the path to remove the strcpy() function >> entirely from the kernel. >> >> Signed-off-by: Len Baker >> --- >> drivers/soc/renesas/r8a779a0-sysc.c | 6 ++++-- >> drivers/soc/renesas/rcar-sysc.c | 6 ++++-- >> 2 files changed, 8 insertions(+), 4 deletions(-) >> >> diff --git a/drivers/soc/renesas/r8a779a0-sysc.c b/drivers/soc/renesas/r8a779a0-sysc.c >> index d464ffa1be33..7410b9fa9846 100644 >> --- a/drivers/soc/renesas/r8a779a0-sysc.c >> +++ b/drivers/soc/renesas/r8a779a0-sysc.c >> @@ -404,19 +404,21 @@ static int __init r8a779a0_sysc_pd_init(void) >> for (i = 0; i < info->num_areas; i++) { >> const struct r8a779a0_sysc_area *area = &info->areas[i]; >> struct r8a779a0_sysc_pd *pd; >> + size_t n; >> >> if (!area->name) { >> /* Skip NULLified area */ >> continue; >> } >> >> - pd = kzalloc(sizeof(*pd) + strlen(area->name) + 1, GFP_KERNEL); >> + n = strlen(area->name) + 1; >> + pd = kzalloc(sizeof(*pd) + n, GFP_KERNEL); > Zeroing the allocated bytes is not needed since it's completly > overwritten with the strcpy()/memcpy(). The strcpy()/memcpy() only overwrites the pd->name field, not the whole pd structure. I think that it is needed to keep the kzalloc. Just my 2c, CJ >> if (!pd) { >> error = -ENOMEM; >> goto out_put; >> } >> >> - strcpy(pd->name, area->name); >> + memcpy(pd->name, area->name, n); >> pd->genpd.name = pd->name; >> pd->pdr = area->pdr; >> pd->flags = area->flags; > > And similar for the second hunk. > > MfG, > Bernd >