* [PATCH v2] staging: qlge: Replace strncpy with strscpy
@ 2023-10-06 16:12 Ricardo Lopes
2023-10-09 13:17 ` Simon Horman
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Ricardo Lopes @ 2023-10-06 16:12 UTC (permalink / raw)
To: manishc, GR-Linux-NIC-Dev, coiby.xu, gregkh
Cc: netdev, linux-staging, linux-kernel
Reported by checkpatch:
WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy
Signed-off-by: Ricardo Lopes <ricardoapl.dev@gmail.com>
---
v2: Redo changelog text
drivers/staging/qlge/qlge_dbg.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/staging/qlge/qlge_dbg.c b/drivers/staging/qlge/qlge_dbg.c
index c7e865f51..5f08a8492 100644
--- a/drivers/staging/qlge/qlge_dbg.c
+++ b/drivers/staging/qlge/qlge_dbg.c
@@ -696,7 +696,7 @@ static void qlge_build_coredump_seg_header(struct mpi_coredump_segment_header *s
seg_hdr->cookie = MPI_COREDUMP_COOKIE;
seg_hdr->seg_num = seg_number;
seg_hdr->seg_size = seg_size;
- strncpy(seg_hdr->description, desc, (sizeof(seg_hdr->description)) - 1);
+ strscpy(seg_hdr->description, desc, sizeof(seg_hdr->description));
}
/*
@@ -737,7 +737,7 @@ int qlge_core_dump(struct qlge_adapter *qdev, struct qlge_mpi_coredump *mpi_core
sizeof(struct mpi_coredump_global_header);
mpi_coredump->mpi_global_header.image_size =
sizeof(struct qlge_mpi_coredump);
- strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
+ strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
sizeof(mpi_coredump->mpi_global_header.id_string));
/* Get generic NIC reg dump */
@@ -1225,7 +1225,7 @@ static void qlge_gen_reg_dump(struct qlge_adapter *qdev,
sizeof(struct mpi_coredump_global_header);
mpi_coredump->mpi_global_header.image_size =
sizeof(struct qlge_reg_dump);
- strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
+ strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
sizeof(mpi_coredump->mpi_global_header.id_string));
/* segment 16 */
--
2.41.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2] staging: qlge: Replace strncpy with strscpy
2023-10-06 16:12 [PATCH v2] staging: qlge: Replace strncpy with strscpy Ricardo Lopes
@ 2023-10-09 13:17 ` Simon Horman
2023-10-09 16:44 ` Kees Cook
2023-10-09 17:22 ` Justin Stitt
2 siblings, 0 replies; 5+ messages in thread
From: Simon Horman @ 2023-10-09 13:17 UTC (permalink / raw)
To: Ricardo Lopes
Cc: manishc, GR-Linux-NIC-Dev, coiby.xu, gregkh, netdev,
linux-staging, linux-kernel, Kees Cook
On Fri, Oct 06, 2023 at 05:12:24PM +0100, Ricardo Lopes wrote:
> Reported by checkpatch:
>
> WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy
>
> Signed-off-by: Ricardo Lopes <ricardoapl.dev@gmail.com>
> ---
> v2: Redo changelog text
Kees,
could you find a moment to look over this one?
>
> drivers/staging/qlge/qlge_dbg.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/staging/qlge/qlge_dbg.c b/drivers/staging/qlge/qlge_dbg.c
> index c7e865f51..5f08a8492 100644
> --- a/drivers/staging/qlge/qlge_dbg.c
> +++ b/drivers/staging/qlge/qlge_dbg.c
> @@ -696,7 +696,7 @@ static void qlge_build_coredump_seg_header(struct mpi_coredump_segment_header *s
> seg_hdr->cookie = MPI_COREDUMP_COOKIE;
> seg_hdr->seg_num = seg_number;
> seg_hdr->seg_size = seg_size;
> - strncpy(seg_hdr->description, desc, (sizeof(seg_hdr->description)) - 1);
> + strscpy(seg_hdr->description, desc, sizeof(seg_hdr->description));
> }
>
> /*
> @@ -737,7 +737,7 @@ int qlge_core_dump(struct qlge_adapter *qdev, struct qlge_mpi_coredump *mpi_core
> sizeof(struct mpi_coredump_global_header);
> mpi_coredump->mpi_global_header.image_size =
> sizeof(struct qlge_mpi_coredump);
> - strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> + strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> sizeof(mpi_coredump->mpi_global_header.id_string));
>
> /* Get generic NIC reg dump */
> @@ -1225,7 +1225,7 @@ static void qlge_gen_reg_dump(struct qlge_adapter *qdev,
> sizeof(struct mpi_coredump_global_header);
> mpi_coredump->mpi_global_header.image_size =
> sizeof(struct qlge_reg_dump);
> - strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> + strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> sizeof(mpi_coredump->mpi_global_header.id_string));
>
> /* segment 16 */
> --
> 2.41.0
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] staging: qlge: Replace strncpy with strscpy
2023-10-06 16:12 [PATCH v2] staging: qlge: Replace strncpy with strscpy Ricardo Lopes
2023-10-09 13:17 ` Simon Horman
@ 2023-10-09 16:44 ` Kees Cook
2023-10-09 18:53 ` Ricardo Lopes
2023-10-09 17:22 ` Justin Stitt
2 siblings, 1 reply; 5+ messages in thread
From: Kees Cook @ 2023-10-09 16:44 UTC (permalink / raw)
To: Ricardo Lopes
Cc: manishc, GR-Linux-NIC-Dev, coiby.xu, justinstitt,
linux-hardening, gregkh, netdev, linux-staging, linux-kernel
On Fri, Oct 06, 2023 at 05:12:24PM +0100, Ricardo Lopes wrote:
> Reported by checkpatch:
>
> WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy
Thanks for working on this! Doing these replacements needs analysis of
several issues that should be described in the commit log:
- is the destination an %NUL-terminated string? (strncpy can produce
non-%NUL-terminated strings and sometimes this is intentional.)
- is the source %NUL-terminated? (Sometimes strncpy is used when memcpy,
kmemdup_nul, or other things should be used.)
- does the destination need to be %NUL padded? (strncpy does this
padding, but it isn't always obvious if it's needed.) When padding is
needed, strscpy_pad() should be used.
>
> Signed-off-by: Ricardo Lopes <ricardoapl.dev@gmail.com>
> ---
> v2: Redo changelog text
>
> drivers/staging/qlge/qlge_dbg.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/staging/qlge/qlge_dbg.c b/drivers/staging/qlge/qlge_dbg.c
> index c7e865f51..5f08a8492 100644
> --- a/drivers/staging/qlge/qlge_dbg.c
> +++ b/drivers/staging/qlge/qlge_dbg.c
> @@ -696,7 +696,7 @@ static void qlge_build_coredump_seg_header(struct mpi_coredump_segment_header *s
> seg_hdr->cookie = MPI_COREDUMP_COOKIE;
> seg_hdr->seg_num = seg_number;
> seg_hdr->seg_size = seg_size;
> - strncpy(seg_hdr->description, desc, (sizeof(seg_hdr->description)) - 1);
> + strscpy(seg_hdr->description, desc, sizeof(seg_hdr->description));
> }
This function uses memset() for seq_hdr, so this is clearly trying
to construct a %NUL terminated destination (due to the old "- 1"
on the size). Also, padding should be redundant. All the callers of
qlge_build_coredump_seg_header() pass a const string as the last argument,
so they're all terminated. This looks like a correct replacement.
>
> /*
> @@ -737,7 +737,7 @@ int qlge_core_dump(struct qlge_adapter *qdev, struct qlge_mpi_coredump *mpi_core
> sizeof(struct mpi_coredump_global_header);
> mpi_coredump->mpi_global_header.image_size =
> sizeof(struct qlge_mpi_coredump);
> - strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> + strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> sizeof(mpi_coredump->mpi_global_header.id_string));
>
> /* Get generic NIC reg dump */
> @@ -1225,7 +1225,7 @@ static void qlge_gen_reg_dump(struct qlge_adapter *qdev,
> sizeof(struct mpi_coredump_global_header);
> mpi_coredump->mpi_global_header.image_size =
> sizeof(struct qlge_reg_dump);
> - strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> + strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> sizeof(mpi_coredump->mpi_global_header.id_string));
>
> /* segment 16 */
These are both trying to copy a const string, so we know the src is
terminated. Checking the related sizes:
struct mpi_coredump_global_header {
...
u8 id_string[16];
The const strings are 13 bytes with the %NUL, so they'll always fit in
the destination.
Just before these copies, the mpi_global_header is wiped:
memset(&mpi_coredump->mpi_global_header, 0,
sizeof(struct mpi_coredump_global_header));
so padding isn't a concern. This looks like a correct replacement.
Reviewed-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] staging: qlge: Replace strncpy with strscpy
2023-10-06 16:12 [PATCH v2] staging: qlge: Replace strncpy with strscpy Ricardo Lopes
2023-10-09 13:17 ` Simon Horman
2023-10-09 16:44 ` Kees Cook
@ 2023-10-09 17:22 ` Justin Stitt
2 siblings, 0 replies; 5+ messages in thread
From: Justin Stitt @ 2023-10-09 17:22 UTC (permalink / raw)
To: Ricardo Lopes
Cc: manishc, GR-Linux-NIC-Dev, coiby.xu, gregkh, netdev,
linux-staging, linux-kernel
On Fri, Oct 06, 2023 at 05:12:24PM +0100, Ricardo Lopes wrote:
> Reported by checkpatch:
>
> WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy
>
> Signed-off-by: Ricardo Lopes <ricardoapl.dev@gmail.com>
Nice patch!
It looks good to me and helps towards [1].
Reviewed-by: Justin Stitt <justinstitt@google.com>
> ---
> v2: Redo changelog text
>
> drivers/staging/qlge/qlge_dbg.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/staging/qlge/qlge_dbg.c b/drivers/staging/qlge/qlge_dbg.c
> index c7e865f51..5f08a8492 100644
> --- a/drivers/staging/qlge/qlge_dbg.c
> +++ b/drivers/staging/qlge/qlge_dbg.c
> @@ -696,7 +696,7 @@ static void qlge_build_coredump_seg_header(struct mpi_coredump_segment_header *s
> seg_hdr->cookie = MPI_COREDUMP_COOKIE;
> seg_hdr->seg_num = seg_number;
> seg_hdr->seg_size = seg_size;
> - strncpy(seg_hdr->description, desc, (sizeof(seg_hdr->description)) - 1);
> + strscpy(seg_hdr->description, desc, sizeof(seg_hdr->description));
> }
>
> /*
> @@ -737,7 +737,7 @@ int qlge_core_dump(struct qlge_adapter *qdev, struct qlge_mpi_coredump *mpi_core
> sizeof(struct mpi_coredump_global_header);
> mpi_coredump->mpi_global_header.image_size =
> sizeof(struct qlge_mpi_coredump);
> - strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> + strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> sizeof(mpi_coredump->mpi_global_header.id_string));
>
> /* Get generic NIC reg dump */
> @@ -1225,7 +1225,7 @@ static void qlge_gen_reg_dump(struct qlge_adapter *qdev,
> sizeof(struct mpi_coredump_global_header);
> mpi_coredump->mpi_global_header.image_size =
> sizeof(struct qlge_reg_dump);
> - strncpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> + strscpy(mpi_coredump->mpi_global_header.id_string, "MPI Coredump",
> sizeof(mpi_coredump->mpi_global_header.id_string));
>
> /* segment 16 */
> --
> 2.41.0
>
[1]: https://github.com/KSPP/linux/issues/90
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] staging: qlge: Replace strncpy with strscpy
2023-10-09 16:44 ` Kees Cook
@ 2023-10-09 18:53 ` Ricardo Lopes
0 siblings, 0 replies; 5+ messages in thread
From: Ricardo Lopes @ 2023-10-09 18:53 UTC (permalink / raw)
To: Kees Cook
Cc: manishc, GR-Linux-NIC-Dev, coiby.xu, justinstitt,
linux-hardening, gregkh, netdev, linux-staging, linux-kernel
On Mon, Oct 09, 2023 at 09:44:37AM -0700, Kees Cook wrote:
> Thanks for working on this! Doing these replacements needs analysis of
> several issues that should be described in the commit log:
>
> - is the destination an %NUL-terminated string? (strncpy can produce
> non-%NUL-terminated strings and sometimes this is intentional.)
>
> - is the source %NUL-terminated? (Sometimes strncpy is used when memcpy,
> kmemdup_nul, or other things should be used.)
>
> - does the destination need to be %NUL padded? (strncpy does this
> padding, but it isn't always obvious if it's needed.) When padding is
> needed, strscpy_pad() should be used.
Thank you for the feedback Kees, I really appreciate it
Regards,
Ricardo Lopes
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-10-09 18:54 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-10-06 16:12 [PATCH v2] staging: qlge: Replace strncpy with strscpy Ricardo Lopes
2023-10-09 13:17 ` Simon Horman
2023-10-09 16:44 ` Kees Cook
2023-10-09 18:53 ` Ricardo Lopes
2023-10-09 17:22 ` Justin Stitt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).