Received: by 2002:a05:6358:7058:b0:131:369:b2a3 with SMTP id 24csp305330rwp; Wed, 12 Jul 2023 13:40:09 -0700 (PDT) X-Google-Smtp-Source: APBJJlFfTjX2vH5n05huFJuGXZ47cmWDcgK0yWumPnqoVUAYKmz/N5hlsP/6r2vNgx1lAuhMq9k5 X-Received: by 2002:a2e:9f07:0:b0:2b7:25b2:e37a with SMTP id u7-20020a2e9f07000000b002b725b2e37amr8068740ljk.44.1689194409348; Wed, 12 Jul 2023 13:40:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689194409; cv=none; d=google.com; s=arc-20160816; b=rRWUkv5Orr/ASgn6GCNzx8embM/rdBkdq4/FLJmbNIIxMZ3sf4sE71xighdsgg0Exy sXQINOY9FnKslGPV4uG3qf6ZKoWTkRZrl0Vu/YqKdeWkvUxBROxcyGmrnBVKFg7gvA4G TlQO/v3EZu9nWK3tB/kt6lTnXvP7dovl3Yt1R9iu68p8hid8hUw7oEbQxecqY8ekBb6a FYw87jlHpoS5OZVegy+0eWHDAVEXbE6MQ7068CSP2toygRHHistX90fTPW/XKDttM4FX +40O4qtAH2oIsEj3om3NemcUwwEvjmay1Iih0IQ9erMQzABJ+VPcWSNlTR37U6L9nX3m Jwfw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:dkim-signature:date; bh=LRjkX1alqufdFp+5oDuqNAJ4YZpsTFqeehXA3ckgvjk=; fh=jj7Exx1G2j+BtVmuqG+29cxdB6KC9LNpaUf38Yun7Kw=; b=x0uv8VY+JQ+/JPdFMlGfs/zH9MpuzkhKbMAtKSUICUnlWcsvsKbaXY6HK8sSSEzdS1 gI2LI/zmNvHnbZFhz/1TqcYlo+htnvqOMFlKbyMWI7G+S4KsICZRX3VEM+pXto4HDziV J2VURXhJPD9AF5dF8I0o+o7U7Ar0kgN+w0pkHTYWrpPu7L/gX7gaNP1Ws2Rot9szxuYb Ck8mPUWVzs/hBi/4WoFr1y3hGsqDX2jEkwKFjydElqYdU5HIHkNZtqFZAk+vNLQQOmZN ERanAMHx8rcTAg9L2SDKwaJpYrkaARqMqZpj4sTYqwjmyz2cVx55+hSPyahmuZ+cqpv5 Odqg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=HjAc5YxX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ce25-20020a170906b25900b0098759d6f22csi5476809ejb.161.2023.07.12.13.39.44; Wed, 12 Jul 2023 13:40:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=HjAc5YxX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232051AbjGLUTk (ORCPT + 99 others); Wed, 12 Jul 2023 16:19:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48240 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231238AbjGLUTi (ORCPT ); Wed, 12 Jul 2023 16:19:38 -0400 Received: from out-14.mta1.migadu.com (out-14.mta1.migadu.com [IPv6:2001:41d0:203:375::e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41BC31FF1 for ; Wed, 12 Jul 2023 13:19:37 -0700 (PDT) Date: Wed, 12 Jul 2023 16:19:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1689193175; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=LRjkX1alqufdFp+5oDuqNAJ4YZpsTFqeehXA3ckgvjk=; b=HjAc5YxXPVPo/BB4dkzyLewEHGl8569ijrwJHsDTxvX7raSf8T/h83wknlmtGhl++GNQ8C eSV+Ow9rU+z9O75Ci1C3vEoHnfEVDHKfsrBhi1aK5z8DyVwAHr8JTPqSKwiIkNDzd8q89M gd2moP+hsPJmt+BoG8ewxWF3xzgiEFY= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Kent Overstreet To: Kees Cook Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-bcachefs@vger.kernel.org, Kent Overstreet , linux-hardening@vger.kernel.org Subject: Re: [PATCH 29/32] lib/string_helpers: string_get_size() now returns characters wrote Message-ID: <20230712201931.kuksw5zmuwah7tqs@moria.home.lan> References: <20230509165657.1735798-1-kent.overstreet@linux.dev> <20230509165657.1735798-30-kent.overstreet@linux.dev> <202307121248.36919B223@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202307121248.36919B223@keescook> X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 12, 2023 at 12:58:54PM -0700, Kees Cook wrote: > On Tue, May 09, 2023 at 12:56:54PM -0400, Kent Overstreet wrote: > > From: Kent Overstreet > > > > printbuf now needs to know the number of characters that would have been > > written if the buffer was too small, like snprintf(); this changes > > string_get_size() to return the the return value of snprintf(). > > Unfortunately, snprintf doesn't return characters written, it return > what it TRIED to write, and can cause a lot of problems[1]. This patch > would be fine with me if the snprintf was also replaced by scnprintf, > which will return the actual string length copied (or 0) *not* including > the trailing %NUL. ...All of which would be solved if we were converting code away from raw char * buffers to a proper string building type. Which I tried to address when I tried to push printbufs upstream, but that turned into a giant exercise in frustration in dealing with maintainers.