Re: [PATCH] kdb: prefer strlcpy to strncpy

From: Geert Uytterhoeven
Date: Wed May 30 2018 - 16:47:22 EST

Next message: Kees Cook: "[PATCH v2] mdio-mux-gpio: Remove VLA usage"
Previous message: Jarkko Sakkinen: "[PATCH v2 2/2] tpm: self test failure should not cause suspend to fail"
In reply to: Daniel Thompson: "Re: [PATCH] kdb: prefer strlcpy to strncpy"
Next in thread: Daniel Thompson: "Re: [PATCH] kdb: prefer strlcpy to strncpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

H Daniel,

On Wed, May 30, 2018 at 4:34 PM, Daniel Thompson
<daniel.thompson@xxxxxxxxxx> wrote:
> On Tue, May 29, 2018 at 07:01:35PM -0700, Nick Desaulniers wrote:
>> On Tue, May 29, 2018 at 12:57 AM, Arnd Bergmann <arnd@xxxxxxxx> wrote:
>> > On Tue, May 29, 2018 at 7:57 AM, Nick Desaulniers
>> > <nick.desaulniers@xxxxxxxxx> wrote:
>> >> Fixes stringop-truncation and stringop-overflow warnings from gcc-8.

>> Eric points out that this will leak kernel memory if size is less than
>> sizeof src.
>
> Don't quite understand what this means (there's no allocation here, how
> can there be a leak?) but the symbol completion certainly won't work if
> we truncate the copy here.

Not leak an is memory leak, but leak as in information leak of uninitialized
data to userspace (if the buffer is ever copied to userspace).

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

Next message: Kees Cook: "[PATCH v2] mdio-mux-gpio: Remove VLA usage"
Previous message: Jarkko Sakkinen: "[PATCH v2 2/2] tpm: self test failure should not cause suspend to fail"
In reply to: Daniel Thompson: "Re: [PATCH] kdb: prefer strlcpy to strncpy"
Next in thread: Daniel Thompson: "Re: [PATCH] kdb: prefer strlcpy to strncpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]