* Re: [PATCH] ima: Replacing deprecated strlcpy with strscpy ~~~~~~~~~ Replace
@ 2021-02-19 17:38 Jarkko Sakkinen
2021-03-02 7:52 ` Palash Oswal
0 siblings, 1 reply; 2+ messages in thread
From: Jarkko Sakkinen @ 2021-02-19 17:38 UTC (permalink / raw)
To: Palash Oswal
Cc: Mimi Zohar, Dmitry Kasatkin, James Morris, Serge E. Hallyn,
linux-integrity, linux-security-module, linux-kernel
Reply-To:
In-Reply-To: <20210219084038.GA7564@g3.oswalpalash.com>
On Fri, Feb 19, 2021 at 02:10:38PM +0530, Palash Oswal wrote:
> The strlcpy() function is unsafe in that the source buffer length
> is unbounded or possibly be non NULL terminated. This can cause
> memory over-reads, crashes, etc.
>
> Link: https://github.com/KSPP/linux/issues/89
> Signed-off-by: Palash Oswal <hello@oswalpalash.com>
The long description does not explain what the commit does, and
does not include any details about deprecation of strlcpy(), which
at least I'm not aware of.
I don't think *length* ever is NULL terminated. The first sentence
is somewhat weird. Also strlcpy() does have a bounds check.
Generally, the description and reasoning is sloppy to say the
least.
/Jarkko
> ---
> security/integrity/ima/ima_api.c | 2 +-
> security/integrity/ima/ima_policy.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
> index 1dd70dc68ffd..2f3b8257181d 100644
> --- a/security/integrity/ima/ima_api.c
> +++ b/security/integrity/ima/ima_api.c
> @@ -399,7 +399,7 @@ const char *ima_d_path(const struct path *path, char **pathbuf, char *namebuf)
> }
>
> if (!pathname) {
> - strlcpy(namebuf, path->dentry->d_name.name, NAME_MAX);
> + strscpy(namebuf, path->dentry->d_name.name, NAME_MAX);
> pathname = namebuf;
> }
>
> diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
> index 9b45d064a87d..010839aef6ba 100644
> --- a/security/integrity/ima/ima_policy.c
> +++ b/security/integrity/ima/ima_policy.c
> @@ -791,7 +791,7 @@ static int __init ima_init_arch_policy(void)
> char rule[255];
> int result;
>
> - result = strlcpy(rule, *rules, sizeof(rule));
> + strscpy(rule, *rules, sizeof(rule));
>
> INIT_LIST_HEAD(&arch_policy_entry[i].list);
> result = ima_parse_rule(rule, &arch_policy_entry[i]);
>
> base-commit: f6692213b5045dc461ce0858fb18cf46f328c202
> --
> 2.27.0
>
>
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] ima: Replacing deprecated strlcpy with strscpy ~~~~~~~~~ Replace
2021-02-19 17:38 [PATCH] ima: Replacing deprecated strlcpy with strscpy ~~~~~~~~~ Replace Jarkko Sakkinen
@ 2021-03-02 7:52 ` Palash Oswal
0 siblings, 0 replies; 2+ messages in thread
From: Palash Oswal @ 2021-03-02 7:52 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: Mimi Zohar, Dmitry Kasatkin, James Morris, Serge E. Hallyn,
linux-integrity, linux-security-module, linux-kernel
Apologies for the in-accurate description. This patch is covered under
the patch-set by Romain Perier ( https://lkml.org/lkml/2021/2/22/739 )
and can be disregarded.
Best Regards,
Palash
On Fri, Feb 19, 2021 at 11:09 PM Jarkko Sakkinen <jarkko@kernel.org> wrote:
>
> Reply-To:
> In-Reply-To: <20210219084038.GA7564@g3.oswalpalash.com>
>
> On Fri, Feb 19, 2021 at 02:10:38PM +0530, Palash Oswal wrote:
> > The strlcpy() function is unsafe in that the source buffer length
> > is unbounded or possibly be non NULL terminated. This can cause
> > memory over-reads, crashes, etc.
> >
> > Link: https://github.com/KSPP/linux/issues/89
> > Signed-off-by: Palash Oswal <hello@oswalpalash.com>
>
> The long description does not explain what the commit does, and
> does not include any details about deprecation of strlcpy(), which
> at least I'm not aware of.
>
> I don't think *length* ever is NULL terminated. The first sentence
> is somewhat weird. Also strlcpy() does have a bounds check.
>
> Generally, the description and reasoning is sloppy to say the
> least.
>
> /Jarkko
>
>
> > ---
> > security/integrity/ima/ima_api.c | 2 +-
> > security/integrity/ima/ima_policy.c | 2 +-
> > 2 files changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
> > index 1dd70dc68ffd..2f3b8257181d 100644
> > --- a/security/integrity/ima/ima_api.c
> > +++ b/security/integrity/ima/ima_api.c
> > @@ -399,7 +399,7 @@ const char *ima_d_path(const struct path *path, char **pathbuf, char *namebuf)
> > }
> >
> > if (!pathname) {
> > - strlcpy(namebuf, path->dentry->d_name.name, NAME_MAX);
> > + strscpy(namebuf, path->dentry->d_name.name, NAME_MAX);
> > pathname = namebuf;
> > }
> >
> > diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
> > index 9b45d064a87d..010839aef6ba 100644
> > --- a/security/integrity/ima/ima_policy.c
> > +++ b/security/integrity/ima/ima_policy.c
> > @@ -791,7 +791,7 @@ static int __init ima_init_arch_policy(void)
> > char rule[255];
> > int result;
> >
> > - result = strlcpy(rule, *rules, sizeof(rule));
> > + strscpy(rule, *rules, sizeof(rule));
> >
> > INIT_LIST_HEAD(&arch_policy_entry[i].list);
> > result = ima_parse_rule(rule, &arch_policy_entry[i]);
> >
> > base-commit: f6692213b5045dc461ce0858fb18cf46f328c202
> > --
> > 2.27.0
> >
> >
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-03-02 8:40 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-19 17:38 [PATCH] ima: Replacing deprecated strlcpy with strscpy ~~~~~~~~~ Replace Jarkko Sakkinen
2021-03-02 7:52 ` Palash Oswal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).