From: Maximilian Luz <luzmaximilian@gmail.com>
To: Kees Cook <keescook@chromium.org>
Cc: Bjorn Andersson <andersson@kernel.org>,
	Andy Gross <agross@kernel.org>,
	Konrad Dybcio <konrad.dybcio@linaro.org>,
	Ard Biesheuvel <ardb@kernel.org>,
	Ilias Apalodimas <ilias.apalodimas@linaro.org>,
	Srinivas Kandagatla <srinivas.kandagatla@linaro.org>,
	Sudeep Holla <sudeep.holla@arm.com>,
	Johan Hovold <johan@kernel.org>,
	Steev Klimaszewski <steev@kali.org>,
	linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4 1/4] lib/ucs2_string: Add UCS-2 strlcpy function
Date: Tue, 30 May 2023 18:15:06 +0200
Message-ID: <3255010d-82d5-e8e8-2e11-7de25d538d72@gmail.com>
In-Reply-To: <202305300820.9B2154B@keescook>

On 5/30/23 17:25, Kees Cook wrote:
> On Mon, May 29, 2023 at 01:03:48AM +0200, Maximilian Luz wrote:
>> Add a ucs2_strlcpy() function for UCS-2 strings. The behavior is
>> equivalent to the standard strlcpy() function, just for 16-bit character
>> UCS-2 strings.
> 
> Eek, no. strlcpy() is dangerous in multiple ways[1]. Please implement
> strscpy() (i.e. use strnlen(), negative error on truncation, etc).

Right, makes sense, thanks. Somehow I missed that the kernel has a better
function than the C stdlib for that...

> Additionally, it'd be nice if the ucs2 helpers here also implemented the
> rest of the CONFIG_FORTIFY_SOURCE mitigations (i.e. checking for source
> and destination buffer size overflows at compile-time and run-time with
> __builtin_object_size() and __builtin_dynamic_object_size() respectively).

I can certainly try that, but I think this might be better suited for a
follow-up series, given that we then should also add those to the other
helpers.

Regards,
Max
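
The strscpy()-style semantics requested in the quoted review (bounded strnlen(), negative error on truncation), shown next to strlcpy()-style behaviour. This is an added userspace example, not code from this message or the patch series; the demo_* names and the uint16_t typedef are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <sys/types.h>
typedef uint16_t ucs2_char_t; /* assumed userspace stand-in for the kernel type */

/* Bounded length: inspects at most maxlen characters of s. */
static size_t demo_ucs2_strnlen(const ucs2_char_t *s, size_t maxlen)
{
	size_t n = 0;
	while (n < maxlen && s[n])
		n++;
	return n;
}

/* strlcpy-style: returns the source length, so src is read to its NUL however small dst is. */
static size_t demo_ucs2_strlcpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count)
{
	size_t len = 0, n, i;
	while (src[len]) /* unbounded read: over-reads if src is unterminated */
		len++;
	if (count) {
		n = len < count ? len : count - 1;
		for (i = 0; i < n; i++)
			dst[i] = src[i];
		dst[n] = 0;
	}
	return len;
}

/* strscpy-style: reads at most count characters of src, always terminates dst, -E2BIG on truncation. */
static ssize_t demo_ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count)
{
	size_t len, n, i;
	if (!count)
		return -E2BIG;
	len = demo_ucs2_strnlen(src, count);
	n = len < count ? len : count - 1;
	for (i = 0; i < n; i++)
		dst[i] = src[i];
	dst[n] = 0;
	return len < count ? (ssize_t)len : -E2BIG;
}

int main(void)
{
	const ucs2_char_t src[4] = { 'B', 'o', 'o', 't' }; /* constructed, no NUL */
	ucs2_char_t dst[4];
	return demo_ucs2_strscpy(dst, src, 4) == -E2BIG ? 0 : 1;
}
```

The strlcpy-style variant is deliberately never called on the unterminated buffer: its length scan has no bound, which is the over-read the strscpy-style variant avoids.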
