All of lore.kernel.org
 help / color / mirror / Atom feed
From: Nicolas Iooss <nicolas.iooss@m4x.org>
To: "Christian Göttsche" <cgzones@googlemail.com>
Cc: SElinux list <selinux@vger.kernel.org>
Subject: Re: [PATCH v2 3/3] libsepol: assure string NUL-termination of ibdev_name
Date: Tue, 13 Jul 2021 21:59:47 +0200	[thread overview]
Message-ID: <CAJfZ7=k-cBU3D72aWZ2k2FgMvxqpNMv5gvC=i+UNowW5StXikA@mail.gmail.com> (raw)
In-Reply-To: <CAJfZ7==-in9CtKJwagwFV3btKt2KqfLQQ9v2Tu75VdN18cYOJA@mail.gmail.com>

On Mon, Jul 12, 2021 at 9:35 AM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>
> On Thu, Jul 1, 2021 at 8:07 PM Christian Göttsche
> <cgzones@googlemail.com> wrote:
> >
> > Clang complains:
> >
> >     ibendport_record.c: In function ‘sepol_ibendport_get_ibdev_name’:
> >     ibendport_record.c:169:2: error: ‘strncpy’ specified bound 64 equals destination size [-Werror=stringop-truncation]
> >       169 |  strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX);
> >           |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >     ibendport_record.c: In function ‘sepol_ibendport_set_ibdev_name’:
> >     ibendport_record.c:189:2: error: ‘strncpy’ specified bound 64 equals destination size [-Werror=stringop-truncation]
> >       189 |  strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX);
> >           |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> > strncpy(3) does not NUL-terminate the destination if the source is of
> > the same length or longer then the specified size.
> > The source of these copies are retrieved from
> > sepol_ibendport_alloc_ibdev_name(), which allocates a fixed amount of
> > IB_DEVICE_NAME_MAX bytes.
> > Reduce the size to copy by 1 of all memory regions allocated by
> > sepol_ibendport_alloc_ibdev_name().
> >
> > Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
>
> Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
>
> Thanks,
> Nicolas

Merged.
Thanks!
Nicolas

> > ---
> > v2:
> >   - use at all affected places as pointed out by James Carter
> >
> >  libsepol/src/ibendport_record.c | 8 ++++----
> >  libsepol/src/ibendports.c       | 2 +-
> >  2 files changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/libsepol/src/ibendport_record.c b/libsepol/src/ibendport_record.c
> > index adf67161..1eb50914 100644
> > --- a/libsepol/src/ibendport_record.c
> > +++ b/libsepol/src/ibendport_record.c
> > @@ -62,7 +62,7 @@ int sepol_ibendport_key_create(sepol_handle_t *handle,
> >         if (sepol_ibendport_alloc_ibdev_name(handle, &tmp_key->ibdev_name) < 0)
> >                 goto err;
> >
> > -       strncpy(tmp_key->ibdev_name, ibdev_name, IB_DEVICE_NAME_MAX);
> > +       strncpy(tmp_key->ibdev_name, ibdev_name, IB_DEVICE_NAME_MAX - 1);
> >         tmp_key->port = port;
> >
> >         *key_ptr = tmp_key;
> > @@ -166,7 +166,7 @@ int sepol_ibendport_get_ibdev_name(sepol_handle_t *handle,
> >         if (sepol_ibendport_alloc_ibdev_name(handle, &tmp_ibdev_name) < 0)
> >                 goto err;
> >
> > -       strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX);
> > +       strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX - 1);
> >         *ibdev_name = tmp_ibdev_name;
> >         return STATUS_SUCCESS;
> >
> > @@ -186,7 +186,7 @@ int sepol_ibendport_set_ibdev_name(sepol_handle_t *handle,
> >         if (sepol_ibendport_alloc_ibdev_name(handle, &tmp) < 0)
> >                 goto err;
> >
> > -       strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX);
> > +       strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX - 1);
> >         free(ibendport->ibdev_name);
> >         ibendport->ibdev_name = tmp;
> >         return STATUS_SUCCESS;
> > @@ -230,7 +230,7 @@ int sepol_ibendport_clone(sepol_handle_t *handle,
> >         if (sepol_ibendport_alloc_ibdev_name(handle, &new_ibendport->ibdev_name) < 0)
> >                 goto omem;
> >
> > -       strncpy(new_ibendport->ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX);
> > +       strncpy(new_ibendport->ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX - 1);
> >         new_ibendport->port = ibendport->port;
> >
> >         if (ibendport->con &&
> > diff --git a/libsepol/src/ibendports.c b/libsepol/src/ibendports.c
> > index 6d56c9a1..ee5cb193 100644
> > --- a/libsepol/src/ibendports.c
> > +++ b/libsepol/src/ibendports.c
> > @@ -34,7 +34,7 @@ static int ibendport_from_record(sepol_handle_t *handle,
> >                                            &ibdev_name) < 0)
> >                 goto err;
> >
> > -       strncpy(tmp_ibendport->u.ibendport.dev_name, ibdev_name, IB_DEVICE_NAME_MAX);
> > +       strncpy(tmp_ibendport->u.ibendport.dev_name, ibdev_name, IB_DEVICE_NAME_MAX - 1);
> >
> >         free(ibdev_name);
> >         ibdev_name = NULL;
> > --
> > 2.32.0
> >


  reply	other threads:[~2021-07-13 20:00 UTC|newest]

Thread overview: 56+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-08 15:58 [PATCH 00/23] libsepol: miscellaneous cleanup Christian Göttsche
2021-06-08 15:58 ` [PATCH 01/23] libsepol: fix typos Christian Göttsche
2021-06-21 20:54   ` James Carter
2021-06-08 15:58 ` [PATCH 02/23] libsepol: resolve missing prototypes Christian Göttsche
2021-06-21 20:55   ` James Carter
2021-06-08 15:58 ` [PATCH 03/23] libsepol: remove unused functions Christian Göttsche
2021-06-21 20:54   ` James Carter
2021-06-08 15:58 ` [PATCH 04/23] libsepol: ignore UBSAN false-positives Christian Göttsche
2021-06-09 13:44   ` Ondrej Mosnacek
2021-06-09 14:05   ` James Carter
2021-07-01 18:06   ` [PATCH v2 1/3] " Christian Göttsche
2021-07-12  7:34     ` Nicolas Iooss
2021-07-13 19:59       ` Nicolas Iooss
2021-06-08 15:58 ` [PATCH 05/23] libsepol: avoid implicit conversions Christian Göttsche
2021-06-09 13:47   ` Ondrej Mosnacek
2021-07-01 18:06   ` [PATCH v2 2/3] " Christian Göttsche
2021-07-12  7:36     ` Nicolas Iooss
2021-07-13 20:01       ` Nicolas Iooss
2021-06-08 15:58 ` [PATCH 06/23] libsepol: avoid unsigned integer overflow Christian Göttsche
2021-06-21 20:58   ` James Carter
2021-06-08 15:58 ` [PATCH 07/23] libsepol: follow declaration-after-statement Christian Göttsche
2021-06-21 20:57   ` James Carter
2021-06-08 15:58 ` [PATCH 08/23] libsepol/cil: " Christian Göttsche
2021-06-21 20:56   ` James Carter
2021-06-08 15:58 ` [PATCH 09/23] libsepol: remove dead stores Christian Göttsche
2021-06-08 15:58 ` [PATCH 10/23] libsepol: mark read-only parameters of ebitmap interfaces const Christian Göttsche
2021-06-21 20:55   ` James Carter
2021-06-08 15:59 ` [PATCH 11/23] libsepol: mark read-only parameters of type_set_ " Christian Göttsche
2021-06-21 20:58   ` James Carter
2021-06-08 15:59 ` [PATCH 12/23] libsepol: do not allocate memory of size 0 Christian Göttsche
2021-06-21 20:59   ` James Carter
2021-06-08 15:59 ` [PATCH 13/23] libsepol: assure string NUL-termination Christian Göttsche
2021-06-09 14:38   ` James Carter
2021-07-01 18:07   ` [PATCH v2 3/3] libsepol: assure string NUL-termination of ibdev_name Christian Göttsche
2021-07-12  7:35     ` Nicolas Iooss
2021-07-13 19:59       ` Nicolas Iooss [this message]
2021-06-08 15:59 ` [PATCH 14/23] libsepol: remove dead stores Christian Göttsche
2021-06-08 15:59 ` [PATCH 15/23] libsepol/cil: silence cast warning Christian Göttsche
2021-06-21 20:58   ` James Carter
2021-06-08 15:59 ` [PATCH 16/23] libsepol/cil: drop extra semicolon Christian Göttsche
2021-06-21 20:57   ` James Carter
2021-06-08 15:59 ` [PATCH 17/23] libsepol/cil: drop dead store Christian Göttsche
2021-06-21 20:56   ` James Carter
2021-06-08 15:59 ` [PATCH 18/23] libsepol/cil: drop unnecessary casts Christian Göttsche
2021-06-21 20:55   ` James Carter
2021-06-08 15:59 ` [PATCH 19/23] libsepol/cil: avoid using maybe uninitialized variables Christian Göttsche
2021-06-21 21:00   ` James Carter
2021-06-08 15:59 ` [PATCH 20/23] libsepol: drop repeated semicolons Christian Göttsche
2021-06-21 20:54   ` James Carter
2021-06-08 15:59 ` [PATCH 21/23] libsepol: drop unnecessary casts Christian Göttsche
2021-06-21 20:57   ` James Carter
2021-06-08 15:59 ` [PATCH 22/23] libsepol: declare file local variable static Christian Göttsche
2021-06-21 21:00   ` James Carter
2021-06-08 15:59 ` [PATCH 23/23] libsepol: declare read-only arrays const Christian Göttsche
2021-06-21 20:59   ` James Carter
2021-06-24 14:29 ` [PATCH 00/23] libsepol: miscellaneous cleanup James Carter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAJfZ7=k-cBU3D72aWZ2k2FgMvxqpNMv5gvC=i+UNowW5StXikA@mail.gmail.com' \
    --to=nicolas.iooss@m4x.org \
    --cc=cgzones@googlemail.com \
    --cc=selinux@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.