* [PATCH V5] Fix buffer size warning for strcpy
@ 2021-08-25 15:30 Nigel Croxon
2021-08-25 15:37 ` Tkaczyk, Mariusz
2021-10-08 15:46 ` Jes Sorensen
0 siblings, 2 replies; 3+ messages in thread
From: Nigel Croxon @ 2021-08-25 15:30 UTC (permalink / raw)
To: jes, mariusz.tkaczyk, neilb, xni, linux-raid, gal.ofri
To meet requirements of Common Criteria certification vulnerability
assessment. Static code analysis has been run and found the following
error:
buffer_size_warning: Calling "strncpy" with a maximum size
argument of 16 bytes on destination array "ve->name" of
size 16 bytes might leave the destination string unterminated.
https://people.redhat.com/ncroxon/mdadm-4.2-rc2-scan-results.html
The change is to make the destination size to fit the allocated size.
V5:
Simplify the the strnlen call.
V4:
Code cleanup of the interim "if" statement.
V3: Doc change only:
The code change from filling ve->name with spaces to filling it with
null-terminated is to comform to the SNIA - Common RAID Disk Data
Format Specification. The format for VD_Name (ve->name) specifies
the field to be either ASCII or UNICODE. Bit 2 of the VD_Type field
MUST be used to determine the Unicode or ASCII format of this field.
If this field is not used, all bytes MUST be set to zero.
V2: Change from zero-terminated to zero-padded on memset and
change from using strncpy to memcpy, feedback from Neil Brown.
Tested-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
Signed-off-by: Nigel Croxon <ncroxon@redhat.com>
---
super-ddf.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/super-ddf.c b/super-ddf.c
index dc8e512f..2eb617e6 100644
--- a/super-ddf.c
+++ b/super-ddf.c
@@ -2637,9 +2637,11 @@ static int init_super_ddf_bvd(struct supertype *st,
ve->init_state = DDF_init_not;
memset(ve->pad1, 0xff, 14);
- memset(ve->name, ' ', 16);
- if (name)
- strncpy(ve->name, name, 16);
+ memset(ve->name, '\0', sizeof(ve->name));
+ if (name) {
+ int l = strnlen(name, sizeof(ve->name));
+ memcpy(ve->name, name, l);
+ }
ddf->virt->populated_vdes =
cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1);
--
2.29.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH V5] Fix buffer size warning for strcpy
2021-08-25 15:30 [PATCH V5] Fix buffer size warning for strcpy Nigel Croxon
@ 2021-08-25 15:37 ` Tkaczyk, Mariusz
2021-10-08 15:46 ` Jes Sorensen
1 sibling, 0 replies; 3+ messages in thread
From: Tkaczyk, Mariusz @ 2021-08-25 15:37 UTC (permalink / raw)
To: Nigel Croxon, jes, linux-raid
On 25.08.2021 17:30, Nigel Croxon wrote:
> To meet requirements of Common Criteria certification vulnerability
> assessment. Static code analysis has been run and found the following
> error:
> buffer_size_warning: Calling "strncpy" with a maximum size
> argument of 16 bytes on destination array "ve->name" of
> size 16 bytes might leave the destination string unterminated.
> https://people.redhat.com/ncroxon/mdadm-4.2-rc2-scan-results.html
>
> The change is to make the destination size to fit the allocated size.
>
> V5:
> Simplify the the strnlen call.
>
> V4:
> Code cleanup of the interim "if" statement.
>
> V3: Doc change only:
> The code change from filling ve->name with spaces to filling it with
> null-terminated is to comform to the SNIA - Common RAID Disk Data
> Format Specification. The format for VD_Name (ve->name) specifies
> the field to be either ASCII or UNICODE. Bit 2 of the VD_Type field
> MUST be used to determine the Unicode or ASCII format of this field.
> If this field is not used, all bytes MUST be set to zero.
>
> V2: Change from zero-terminated to zero-padded on memset and
> change from using strncpy to memcpy, feedback from Neil Brown.
>
> Tested-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
> Signed-off-by: Nigel Croxon <ncroxon@redhat.com>
> ---
> super-ddf.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/super-ddf.c b/super-ddf.c
> index dc8e512f..2eb617e6 100644
> --- a/super-ddf.c
> +++ b/super-ddf.c
> @@ -2637,9 +2637,11 @@ static int init_super_ddf_bvd(struct supertype *st,
> ve->init_state = DDF_init_not;
>
> memset(ve->pad1, 0xff, 14);
> - memset(ve->name, ' ', 16);
> - if (name)
> - strncpy(ve->name, name, 16);
> + memset(ve->name, '\0', sizeof(ve->name));
> + if (name) {
> + int l = strnlen(name, sizeof(ve->name));
> + memcpy(ve->name, name, l);
> + }
> ddf->virt->populated_vdes =
> cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1);
>
>
Reviewed-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH V5] Fix buffer size warning for strcpy
2021-08-25 15:30 [PATCH V5] Fix buffer size warning for strcpy Nigel Croxon
2021-08-25 15:37 ` Tkaczyk, Mariusz
@ 2021-10-08 15:46 ` Jes Sorensen
1 sibling, 0 replies; 3+ messages in thread
From: Jes Sorensen @ 2021-10-08 15:46 UTC (permalink / raw)
To: Nigel Croxon, mariusz.tkaczyk, neilb, xni, linux-raid, gal.ofri
On 8/25/21 11:30 AM, Nigel Croxon wrote:
> To meet requirements of Common Criteria certification vulnerability
> assessment. Static code analysis has been run and found the following
> error:
> buffer_size_warning: Calling "strncpy" with a maximum size
> argument of 16 bytes on destination array "ve->name" of
> size 16 bytes might leave the destination string unterminated.
> https://people.redhat.com/ncroxon/mdadm-4.2-rc2-scan-results.html
>
> The change is to make the destination size to fit the allocated size.
>
> V5:
> Simplify the the strnlen call.
>
> V4:
> Code cleanup of the interim "if" statement.
>
> V3: Doc change only:
> The code change from filling ve->name with spaces to filling it with
> null-terminated is to comform to the SNIA - Common RAID Disk Data
> Format Specification. The format for VD_Name (ve->name) specifies
> the field to be either ASCII or UNICODE. Bit 2 of the VD_Type field
> MUST be used to determine the Unicode or ASCII format of this field.
> If this field is not used, all bytes MUST be set to zero.
>
> V2: Change from zero-terminated to zero-padded on memset and
> change from using strncpy to memcpy, feedback from Neil Brown.
>
> Tested-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
> Signed-off-by: Nigel Croxon <ncroxon@redhat.com>
> ---
> super-ddf.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
Applied!
Thanks
Jes
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-10-08 15:46 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-25 15:30 [PATCH V5] Fix buffer size warning for strcpy Nigel Croxon
2021-08-25 15:37 ` Tkaczyk, Mariusz
2021-10-08 15:46 ` Jes Sorensen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.