From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753950AbdGXUcb (ORCPT ); Mon, 24 Jul 2017 16:32:31 -0400 Received: from mga02.intel.com ([134.134.136.20]:61035 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753565AbdGXUcL (ORCPT ); Mon, 24 Jul 2017 16:32:11 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.40,408,1496127600"; d="asc'?scan'208";a="130635427" From: "Rustad, Mark D" To: Florian Fainelli CC: Salil Mehta , "davem@davemloft.net" , "yisen.zhuang@huawei.com" , "huangdaode@hisilicon.com" , "lipeng321@huawei.com" , "mehta.salil.lnk@gmail.com" , "netdev@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-rdma@vger.kernel.org" , "linuxarm@huawei.com" Subject: Re: [PATCH V4 net-next 7/8] net: hns3: Add Ethtool support to HNS3 driver Thread-Topic: [PATCH V4 net-next 7/8] net: hns3: Add Ethtool support to HNS3 driver Thread-Index: AQHTAzei9/ithVoLOUK1fG1D/dHApKJiGo4AgAHMMYA= Date: Mon, 24 Jul 2017 20:32:07 +0000 Message-ID: References: <20170722220942.78852-1-salil.mehta@huawei.com> <20170722220942.78852-8-salil.mehta@huawei.com> <23ddbe00-8bef-a09b-5783-3a5438086bd6@gmail.com> In-Reply-To: <23ddbe00-8bef-a09b-5783-3a5438086bd6@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.233.80.130] Content-Type: multipart/signed; boundary="Apple-Mail=_8826735D-3F14-4F03-BD30-C8A3C6E0187D"; protocol="application/pgp-signature"; micalg=pgp-sha256 MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --Apple-Mail=_8826735D-3F14-4F03-BD30-C8A3C6E0187D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Jul 23, 2017, at 10:05 AM, Florian Fainelli = wrote: >> + >> + strncpy(drvinfo->version, HNAE_DRIVER_VERSION, >> + sizeof(drvinfo->version)); >> + drvinfo->version[sizeof(drvinfo->version) - 1] =3D '\0'; >=20 > strlcpy() would probably do that for you. You need to be careful about strlcpy - it does not completely write the = destination buffer as strncpy does, and so can result in a kernel memory = leak if the destination is not known to already be cleared. >> + >> + strncpy(drvinfo->driver, HNAE_DRIVER_NAME, = sizeof(drvinfo->driver)); >> + drvinfo->driver[sizeof(drvinfo->driver) - 1] =3D '\0'; >=20 > Same here Same here >> + >> + strncpy(drvinfo->bus_info, priv->dev->bus->name, >> + sizeof(drvinfo->bus_info));> + = drvinfo->bus_info[ETHTOOL_BUSINFO_LEN - 1] =3D '\0'; >=20 > And here. And here too. I haven't looked at this deeply enough to know whether a = leak could be created by strlcpy here, but I wanted to raise it as = something to be considered before switching to it. Blindly adopting = strlcpy is hazardous as are tools that unconditionally recommend it. -- Mark Rustad, Networking Division, Intel Corporation --Apple-Mail=_8826735D-3F14-4F03-BD30-C8A3C6E0187D Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="signature.asc" Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJZdllHAAoJEDwO/+eO4+5uouUQAIeW2ig4oookdjFSEntJ80zG wUqg+R+/3LH8hlffssUFzzsBFaArO/m1oYgXLx6ThVZvwZ4Mf/iRd1Wlxe+iuQ2y O6VPTyI2CZlaFxUUZ/13ydszLLuDWc7pVs3Q1VQpL6ZQSaBQ8DbIFFheFh9bFiiM QaVqN0Pvb8qUXKM/m3CvMRTL/PxYvDD3HgXihP466Qxo7gXgS/Kecewwt3kvdXB9 FtFY6q+jRZSVAHrltiGvu/zeQ2xoR9Cw6OKvsv/i2Lj2smV+J2yBaysCXOR0Kqmg kp3gcKv2hOe0PXsMidFB0zRvUkF4OoicJ+BJotFR/BVXeJASRcOf3U0K6jGujCHr OHQ1bAVmxPRa44lZujKi/aZB5qJ383qk9bNw0EkR2AIV2dnZHSHGgZ42x8J7yLDh 7kvlVHGKIGJRjuRo4OmxVEgSYWnXyHNJ0Q50psCzQFVM7AVbgAfu2gJtWjy7plN0 aeenMDmguQFOdFeS9rlqLAbOzblzsGF7Y2A3zZs0EN7iXiyprNogJMd79JBgpTHS y4yVYn/4861KGM7vDEWvExYHrJFUVX+GB1Gk1mpnK5Wgi43tSCkqV9uzw1K/KR+V tD2I1mDSkYzrFq+SGMyfOV6Y0Kyr0wPm9YRgoZGQ4dHUx+wyylp6GTTv3eumsJ1+ CDn8f7b5YJ9B+R/8AiO5 =Qnlk -----END PGP SIGNATURE----- --Apple-Mail=_8826735D-3F14-4F03-BD30-C8A3C6E0187D--