All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH V4] Fix buffer size warning for strcpy
@ 2021-08-24 12:30 Nigel Croxon
  2021-08-24 13:06 ` Tkaczyk, Mariusz
  0 siblings, 1 reply; 2+ messages in thread
From: Nigel Croxon @ 2021-08-24 12:30 UTC (permalink / raw)
  To: neilb, jes, xni, linux-raid, mariusz.tkaczyk

To meet requirements of Common Criteria certification vulnerability
assessment. Static code analysis has been run and found the following
error:
buffer_size_warning: Calling "strncpy" with a maximum size
argument of 16 bytes on destination array "ve->name" of
size 16 bytes might leave the destination string unterminated.

The change is to make the destination size to fit the allocated size.

V4:
Code cleanup of the interim "if" statement.

V3: Doc change only:
The code change from filling ve->name with spaces to filling it with
null-terminated is to comform to the SNIA - Common RAID Disk Data
Format Specification. The format for VD_Name (ve->name) specifies
the field to be either ASCII or UNICODE. Bit 2 of the VD_Type field
MUST be used to determine the Unicode or ASCII format of this field.
If this field is not used, all bytes MUST be set to zero.

V2: Change from zero-terminated to zero-padded on memset and
change from using strncpy to memcpy, feedback from Neil Brown.

Signed-off-by: Nigel Croxon <ncroxon@redhat.com>
---
 super-ddf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/super-ddf.c b/super-ddf.c
index dc8e512f..db2aaa7a 100644
--- a/super-ddf.c
+++ b/super-ddf.c
@@ -2637,9 +2637,9 @@ static int init_super_ddf_bvd(struct supertype *st,
 		ve->init_state = DDF_init_not;
 
 	memset(ve->pad1, 0xff, 14);
-	memset(ve->name, ' ', 16);
+	memset(ve->name, '\0', sizeof(ve->name));
 	if (name)
-		strncpy(ve->name, name, 16);
+		memcpy(ve->name, name, strnlen(ve->name, sizeof(ve->name)));
 	ddf->virt->populated_vdes =
 		cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1);
 
-- 
2.29.2


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH V4] Fix buffer size warning for strcpy
  2021-08-24 12:30 [PATCH V4] Fix buffer size warning for strcpy Nigel Croxon
@ 2021-08-24 13:06 ` Tkaczyk, Mariusz
  0 siblings, 0 replies; 2+ messages in thread
From: Tkaczyk, Mariusz @ 2021-08-24 13:06 UTC (permalink / raw)
  To: Nigel Croxon, jes, linux-raid

Hello Nigel,

> -	memset(ve->name, ' ', 16);
> +	memset(ve->name, '\0', sizeof(ve->name));
>   	if (name)
> -		strncpy(ve->name, name, 16);
> +		memcpy(ve->name, name, strnlen(ve->name, sizeof(ve->name)));
>   	ddf->virt->populated_vdes =
>   		cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1);

As I wrote under v3, you should use 'name' instead 've->name' in strnlen.
've->name' has length 0. You can also consider usage of memccpy.

Thanks,
Mariusz

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-08-24 13:07 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-24 12:30 [PATCH V4] Fix buffer size warning for strcpy Nigel Croxon
2021-08-24 13:06 ` Tkaczyk, Mariusz

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.