Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp1943552rwb;
        Wed, 5 Oct 2022 07:04:59 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM5KBOTwfLJnQmbgEeaBj4jx4FDTazBVCvmvRri5x+G+27Cza5DlUWPRp71d6cvacFexD4+w
X-Received: by 2002:a05:6402:501a:b0:457:f093:cadb with SMTP id p26-20020a056402501a00b00457f093cadbmr28583610eda.143.1664978698988;
        Wed, 05 Oct 2022 07:04:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1664978698; cv=none;
        d=google.com; s=arc-20160816;
        b=eTsQDjXSAJybjqB0ijaKpZCnxlZG/ngNpJKVMz3Xe10zlcbFtzOYRtJCTmF+HkKWdP
         +Je2m+GukNIJzTsArT7g2dSeQtxkvEJxC/A8DHuaPEgapYCd8UTMD+egFRpG3w8ydgfI
         QYKTVRTT8ziCcjDL84qroEp9Y1uSJVScdxFXDesgDkAz1oG4s986WZU5hh7RHdRiHzf1
         CakgJ00HO7GrMj8dQCj1U5yXUsDFEhWEf9uI30edwoQJuyhRLBk5J9sUAb48YephSnpU
         DGn70jps6GWyftmiR5V1JZaif/tkGfh212L1nWhS8Gie9WHjUdJOFJXfQv11pBQ5grNo
         vTWw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:content-language
         :mime-version:accept-language:in-reply-to:references:message-id:date
         :thread-index:thread-topic:subject:cc:to:from;
        bh=dL4aSOU79V3pyWyoUgFv23Vm+WmbBr23+GcbmsIj4pg=;
        b=O70Hp4cOsSZdZfTzSVSbo29+cq3dXJOmAPzXDVYBudkArMRNyOHVkKQA0cniL0JuA2
         XYloRiuXt8ZhxT0bI7FYJ9neOnNKgdZHU20w4xAOFcfA2Wr0co8pvTRiHv7aTWPiSRWK
         jxWs3GgTAwwn1boFreH0/Q2EW27gc8Ocb67xxMN1oGtX+zkucKTh1zpf7ql8Q6CfG0uh
         BdC7DN5Giif2Qm5EA5nBezikDdXNbFL1QfWSKzdJSbyVFygjR9VSikE6Y6mEctQDy8yu
         YBK/G+IKMJRVBjL/fj2vQGCC2oIDenkC5VdldhO8+UwkzQjp1egciX/Uf7aDn9ayrH8Q
         vDPw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=aculab.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id g3-20020a170906594300b00782e437a368si12358114ejr.160.2022.10.05.07.04.32;
        Wed, 05 Oct 2022 07:04:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=aculab.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230190AbiJEN5n convert rfc822-to-8bit (ORCPT
        <rfc822;ankuragr.engg@gmail.com> + 99 others);
        Wed, 5 Oct 2022 09:57:43 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46876 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229681AbiJEN5k (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 5 Oct 2022 09:57:40 -0400
Received: from eu-smtp-delivery-151.mimecast.com (eu-smtp-delivery-151.mimecast.com [185.58.85.151])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6896B7C1C1
        for <linux-kernel@vger.kernel.org>; Wed,  5 Oct 2022 06:57:39 -0700 (PDT)
Received: from AcuMS.aculab.com (156.67.243.121 [156.67.243.121]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id
 uk-mta-118-5a9usHOPMJiio1QRFnRiZg-1; Wed, 05 Oct 2022 14:57:36 +0100
X-MC-Unique: 5a9usHOPMJiio1QRFnRiZg-1
Received: from AcuMS.Aculab.com (10.202.163.6) by AcuMS.aculab.com
 (10.202.163.6) with Microsoft SMTP Server (TLS) id 15.0.1497.38; Wed, 5 Oct
 2022 14:57:34 +0100
Received: from AcuMS.Aculab.com ([::1]) by AcuMS.aculab.com ([::1]) with mapi
 id 15.00.1497.040; Wed, 5 Oct 2022 14:57:34 +0100
From:   David Laight <David.Laight@ACULAB.COM>
To:     'Will Deacon' <will@kernel.org>,
        "xu.panda668@gmail.com" <xu.panda668@gmail.com>
CC:     "catalin.marinas@arm.com" <catalin.marinas@arm.com>,
        "broonie@kernel.org" <broonie@kernel.org>,
        "maz@kernel.org" <maz@kernel.org>,
        "kristina.martsenko@arm.com" <kristina.martsenko@arm.com>,
        "vladimir.murzin@arm.com" <vladimir.murzin@arm.com>,
        "mark.rutland@arm.com" <mark.rutland@arm.com>,
        "ardb@kernel.org" <ardb@kernel.org>,
        "linux-arm-kernel@lists.infradead.org" 
        <linux-arm-kernel@lists.infradead.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "cgel.zte@gmail.com" <cgel.zte@gmail.com>,
        "Xu Panda" <xu.panda@zte.com.cn>, Zeal Robot <zealci@zte.com.cn>
Subject: RE: [PATCH linux-next] arm64/idreg: use strscpy() is more robust and
 safer
Thread-Topic: [PATCH linux-next] arm64/idreg: use strscpy() is more robust and
 safer
Thread-Index: AQHY1+dBQlRmI/zldUe2KkA+YOQema3/0VNg
Date:   Wed, 5 Oct 2022 13:57:34 +0000
Message-ID: <8533a82ace484fe4ab73fccea7dc009b@AcuMS.aculab.com>
References: <20220929072905.282639-1-xu.panda668@gmail.com>
 <20221004114818.GA23663@willie-the-truck>
In-Reply-To: <20221004114818.GA23663@willie-the-truck>
Accept-Language: en-GB, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.202.205.107]
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: aculab.com
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8BIT
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Will Deacon
> Sent: 04 October 2022 12:48
> 
> On Thu, Sep 29, 2022 at 07:29:06AM +0000, xu.panda668@gmail.com wrote:
> > From: Xu Panda <xu.panda@zte.com.cn>
> >
> > The implementation of strscpy() is more robust and safer.
> > That's now the recommended way to copy NUL terminated strings.

In this case the input string isn't NUL terminated....

> >
> > Reported-by: Zeal Robot <zealci@zte.com.cn>
> > Signed-off-by: Xu Panda <xu.panda@zte.com.cn>
> > Signed-off-by: Xu Panda <xu.panda668@gmail.com>
> > ---
> >  arch/arm64/kernel/idreg-override.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/arch/arm64/kernel/idreg-override.c b/arch/arm64/kernel/idreg-override.c
> > index 95133765ed29..61bbec7ef62e 100644
> > --- a/arch/arm64/kernel/idreg-override.c
> > +++ b/arch/arm64/kernel/idreg-override.c
> > @@ -246,7 +246,7 @@ static __init void __parse_cmdline(const char *cmdline, bool parse_aliases)
> >                         return;
> >
> >                 len = min(len, ARRAY_SIZE(buf) - 1);
> > -               strncpy(buf, cmdline, len);
> > +               strscpy(buf, cmdline, len);
> >                 buf[len] = 0;
> 
> Aren't we terminating the buffer explicitly here anyway?

I doubt the code was tested.
It is always wrong regardless of the initial value of 'len'.

I think using strscpy() will delete the last character
and always add two '\0'.

On the face of it, that could probably be a memcpy().

But with the checks you don't need any of the length
checks that memcpy() might be gaining.

OTOH, if the code used parameqn() a few lines lower the
entire copy could be removed.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)