* [PATCHv3 0/2] String fixups in ibmvscsi
@ 2018-09-11 19:22 Laura Abbott
2018-09-11 19:22 ` [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning Laura Abbott
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Laura Abbott @ 2018-09-11 19:22 UTC (permalink / raw)
To: Bryant G. Ly, Michael Cyr, Kees Cook
Cc: Laura Abbott, James E.J. Bottomley, Martin K. Petersen,
linux-scsi, target-devel, linux-kernel
Hi,
This is (hopefully) the last version of the string fixups found in the
ibmvscsi driver.
Laura Abbott (2):
scsi: ibmvscsis: Fix a stringop-overflow warning
scsi: ibmvscsis: Ensure partition name is properly NUL terminated
drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
--
2.17.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning
2018-09-11 19:22 [PATCHv3 0/2] String fixups in ibmvscsi Laura Abbott
@ 2018-09-11 19:22 ` Laura Abbott
2018-09-18 0:37 ` Ly, Bryant
2018-09-11 19:22 ` [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott
2018-09-17 6:51 ` [PATCHv3 0/2] String fixups in ibmvscsi Martin K. Petersen
2 siblings, 1 reply; 7+ messages in thread
From: Laura Abbott @ 2018-09-11 19:22 UTC (permalink / raw)
To: Bryant G. Ly, Michael Cyr, Kees Cook
Cc: Laura Abbott, James E.J. Bottomley, Martin K. Petersen,
linux-scsi, target-devel, linux-kernel
There's currently a warning about string overflow with strncat:
drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c: In function 'ibmvscsis_probe':
drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c:3479:2: error: 'strncat' specified
bound 64 equals destination size [-Werror=stringop-overflow=]
strncat(vscsi->eye, vdev->name, MAX_EYE);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Switch to a single snprintf instead of a strcpy + strcat to handle this
cleanly.
Signed-off-by: Laura Abbott <labbott@redhat.com>
---
v3: Make sure there is an extra space in the partition name
---
drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c b/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
index fac377320158..b3a029ad07cd 100644
--- a/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
+++ b/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
@@ -3474,8 +3474,7 @@ static int ibmvscsis_probe(struct vio_dev *vdev,
vscsi->dds.window[LOCAL].liobn,
vscsi->dds.window[REMOTE].liobn);
- strcpy(vscsi->eye, "VSCSI ");
- strncat(vscsi->eye, vdev->name, MAX_EYE);
+ snprintf(vscsi->eye, sizeof(vscsi->eye), "VSCSI %s", vdev->name);
vscsi->dds.unit_id = vdev->unit_address;
strncpy(vscsi->dds.partition_name, partition_name,
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated
2018-09-11 19:22 [PATCHv3 0/2] String fixups in ibmvscsi Laura Abbott
2018-09-11 19:22 ` [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning Laura Abbott
@ 2018-09-11 19:22 ` Laura Abbott
2018-09-11 19:33 ` Kees Cook
2018-09-18 0:38 ` Bryant Ly
2018-09-17 6:51 ` [PATCHv3 0/2] String fixups in ibmvscsi Martin K. Petersen
2 siblings, 2 replies; 7+ messages in thread
From: Laura Abbott @ 2018-09-11 19:22 UTC (permalink / raw)
To: Bryant G. Ly, Michael Cyr, Kees Cook
Cc: Laura Abbott, James E.J. Bottomley, Martin K. Petersen,
linux-scsi, target-devel, linux-kernel
While reviewing another part of the code, Kees noticed that the
strncpy of the partition name might not always be NUL terminated. Switch
to using strscpy which does this safely.
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Laura Abbott <labbott@redhat.com>
---
v2: Switch to strscpy instead of just strlcpy
---
drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c b/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
index b3a029ad07cd..f42a619198c4 100644
--- a/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
+++ b/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
@@ -3477,7 +3477,7 @@ static int ibmvscsis_probe(struct vio_dev *vdev,
snprintf(vscsi->eye, sizeof(vscsi->eye), "VSCSI %s", vdev->name);
vscsi->dds.unit_id = vdev->unit_address;
- strncpy(vscsi->dds.partition_name, partition_name,
+ strscpy(vscsi->dds.partition_name, partition_name,
sizeof(vscsi->dds.partition_name));
vscsi->dds.partition_num = partition_number;
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated
2018-09-11 19:22 ` [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott
@ 2018-09-11 19:33 ` Kees Cook
2018-09-18 0:38 ` Bryant Ly
1 sibling, 0 replies; 7+ messages in thread
From: Kees Cook @ 2018-09-11 19:33 UTC (permalink / raw)
To: Laura Abbott
Cc: Bryant G. Ly, Michael Cyr, James E.J. Bottomley,
Martin K. Petersen, linux-scsi, target-devel, LKML
On Tue, Sep 11, 2018 at 12:22 PM, Laura Abbott <labbott@redhat.com> wrote:
>
> While reviewing another part of the code, Kees noticed that the
> strncpy of the partition name might not always be NUL terminated. Switch
> to using strscpy which does this safely.
>
> Reported-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Laura Abbott <labbott@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
-Kees
> ---
> v2: Switch to strscpy instead of just strlcpy
> ---
> drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c b/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
> index b3a029ad07cd..f42a619198c4 100644
> --- a/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
> +++ b/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c
> @@ -3477,7 +3477,7 @@ static int ibmvscsis_probe(struct vio_dev *vdev,
> snprintf(vscsi->eye, sizeof(vscsi->eye), "VSCSI %s", vdev->name);
>
> vscsi->dds.unit_id = vdev->unit_address;
> - strncpy(vscsi->dds.partition_name, partition_name,
> + strscpy(vscsi->dds.partition_name, partition_name,
> sizeof(vscsi->dds.partition_name));
> vscsi->dds.partition_num = partition_number;
>
> --
> 2.17.1
>
--
Kees Cook
Pixel Security
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCHv3 0/2] String fixups in ibmvscsi
2018-09-11 19:22 [PATCHv3 0/2] String fixups in ibmvscsi Laura Abbott
2018-09-11 19:22 ` [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning Laura Abbott
2018-09-11 19:22 ` [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott
@ 2018-09-17 6:51 ` Martin K. Petersen
2 siblings, 0 replies; 7+ messages in thread
From: Martin K. Petersen @ 2018-09-17 6:51 UTC (permalink / raw)
To: Laura Abbott
Cc: Bryant G. Ly, Michael Cyr, Kees Cook, James E.J. Bottomley,
Martin K. Petersen, linux-scsi, target-devel, linux-kernel
Laura,
> This is (hopefully) the last version of the string fixups found in the
> ibmvscsi driver.
Applied to 4.19/scsi-fixes, thank you!
--
Martin K. Petersen Oracle Linux Engineering
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning
2018-09-11 19:22 ` [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning Laura Abbott
@ 2018-09-18 0:37 ` Ly, Bryant
0 siblings, 0 replies; 7+ messages in thread
From: Ly, Bryant @ 2018-09-18 0:37 UTC (permalink / raw)
To: Laura Abbott
Cc: Bryant G. Ly, Michael Cyr, Kees Cook, James E.J. Bottomley,
Martin K. Petersen, linux-scsi, target-devel, linux-kernel
> On Sep 11, 2018, at 2:22 PM, Laura Abbott <labbott@redhat.com> wrote:
>
> There's currently a warning about string overflow with strncat:
>
> drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c: In function 'ibmvscsis_probe':
> drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c:3479:2: error: 'strncat' specified
> bound 64 equals destination size [-Werror=stringop-overflow=]
> strncat(vscsi->eye, vdev->name, MAX_EYE);
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Switch to a single snprintf instead of a strcpy + strcat to handle this
> cleanly.
>
> Signed-off-by: Laura Abbott <labbott@redhat.com>
> ---
> v3: Make sure there is an extra space in the partition name
> ---
> drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
Reviewed-by: Bryant G. Ly bly@catalogicsoftware.com
I sent a PR to update my email from bryantly@linux.vnet.ibm.com a week ago.
-Bryant
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated
2018-09-11 19:22 ` [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott
2018-09-11 19:33 ` Kees Cook
@ 2018-09-18 0:38 ` Bryant Ly
1 sibling, 0 replies; 7+ messages in thread
From: Bryant Ly @ 2018-09-18 0:38 UTC (permalink / raw)
To: Laura Abbott
Cc: Bryant G. Ly, Michael Cyr, Kees Cook, James E.J. Bottomley,
Martin K. Petersen, linux-scsi, target-devel, linux-kernel
> On Sep 11, 2018, at 2:22 PM, Laura Abbott <labbott@redhat.com> wrote:
>
> While reviewing another part of the code, Kees noticed that the
> strncpy of the partition name might not always be NUL terminated. Switch
> to using strscpy which does this safely.
>
> Reported-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Laura Abbott <labbott@redhat.com>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> ---
> v2: Switch to strscpy instead of just strlcpy
> ---
> drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
Reviewed-by: Bryant G. Ly bly@catalogicsoftware.com
I sent a PR to update my email from bryantly@linux.vnet.ibm.com a week ago.
-Bryant
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2018-09-18 1:38 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-11 19:22 [PATCHv3 0/2] String fixups in ibmvscsi Laura Abbott
2018-09-11 19:22 ` [PATCHv3 1/2] scsi: ibmvscsis: Fix a stringop-overflow warning Laura Abbott
2018-09-18 0:37 ` Ly, Bryant
2018-09-11 19:22 ` [PATCHv2 2/2] scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott
2018-09-11 19:33 ` Kees Cook
2018-09-18 0:38 ` Bryant Ly
2018-09-17 6:51 ` [PATCHv3 0/2] String fixups in ibmvscsi Martin K. Petersen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).