Re: [PATCH v2] x86/boot: Rename overlapping memcpy() to memmove()

From: Kees Cook
Date: Thu Apr 28 2016 - 12:49:39 EST

Next message: Arnd Bergmann: "Re: [PATCH V5 1/6] SLIMbus: Device management on SLIMbus"
Previous message: Vaishali Thakkar: "[PATCH] perf tests: Do not use sizeof on pointer type"
In reply to: One Thousand Gnomes: "Re: [PATCH v2] x86/boot: Rename overlapping memcpy() to memmove()"
Next in thread: Ingo Molnar: "Re: [PATCH v2] x86/boot: Rename overlapping memcpy() to memmove()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 28, 2016 at 9:47 AM, One Thousand Gnomes
<gnomes@xxxxxxxxxxxxxxxxxxx> wrote:
> O> For example, this is what I've got currently:
>>
>> /* Detect and warn about potential overlaps. */
>> void *memcpy(void *dest, const void *src, size_t n)
>> {
>> if (dest > src && dest - src < n)
>> warn("Potentially unsafe overlapping memcpy detected!");
>> return __memcpy(dest, src, n);
>> }
>>
>> Does that seem okay? If so, I'll send the patch...
>
> Probably useful for debug, but instead of relying on __memcpy
> happening to handle overlaps - which isn't portable you could instead
> debug all platforms by doing
>
> if (...) {
> warn(...)
> memmove()
> } else
> __memcpy
>

Yeah, that's kind of where we started (but without the warning). I
prefer this, since we don't run the risk of MAYBE breaking. We warn,
but we remain safe.

-Kees

--
Kees Cook
Chrome OS & Brillo Security

Next message: Arnd Bergmann: "Re: [PATCH V5 1/6] SLIMbus: Device management on SLIMbus"
Previous message: Vaishali Thakkar: "[PATCH] perf tests: Do not use sizeof on pointer type"
In reply to: One Thousand Gnomes: "Re: [PATCH v2] x86/boot: Rename overlapping memcpy() to memmove()"
Next in thread: Ingo Molnar: "Re: [PATCH v2] x86/boot: Rename overlapping memcpy() to memmove()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]