Re: [PATCH 8/8] nfsd: Fix misuse of strlcpy

From: Joe Perches
Date: Tue Jul 09 2019 - 01:41:00 EST


On Mon, 2019-07-08 at 23:14 -0400, J. Bruce Fields wrote:
> On Thu, Jul 04, 2019 at 04:57:48PM -0700, Joe Perches wrote:
> > Probable cut&paste typo - use the correct field size.
>
> Huh, that's been there forever, I wonder why we haven't seen crashes?
> Oh, I see, name and authname both have the same size.
>
> Anyway, makes sense, thanks. Will apply for 5.3.
>
> (Unless someone else is getting this; I didn't get copied on the rest of
> the series.)

It's generally hard to cc everyone on treewide fixes like this.

There's no good mechanism I know of.
vger mailing lists reject emails with too many addressees.

Do you have an opinion on adding the stracpy macro which
could avoid many of these defects?

---
include/linux/string.h | 16 ++++++++++++++++
1 file changed, 16 insertions(+)

diff --git a/include/linux/string.h b/include/linux/string.h
index 4deb11f7976b..ef01bd6f19df 100644
--- a/include/linux/string.h
+++ b/include/linux/string.h
@@ -35,6 +35,22 @@ ssize_t strscpy(char *, const char *, size_t);
/* Wraps calls to strscpy()/memset(), no arch specific code required */
ssize_t strscpy_pad(char *dest, const char *src, size_t count);

+#define stracpy(to, from) \
+({ \
+ size_t size = ARRAY_SIZE(to); \
+ BUILD_BUG_ON(!__same_type(typeof(*to), char)); \
+ \
+ strscpy(to, from, size); \
+})
+
+#define stracpy_pad(to, from) \
+({ \
+ size_t size = ARRAY_SIZE(to); \
+ BUILD_BUG_ON(!__same_type(typeof(*to), char)); \
+ \
+ strscpy_pad(to, from, size); \
+})
+
#ifndef __HAVE_ARCH_STRCAT
extern char * strcat(char *, const char *);
#endif