Re: [PATCH 7/7] netfilter: xtables: refactor deprecated strncpy

From: Jan Engelhardt
Date: Tue Aug 08 2023 - 19:20:39 EST

Next message: Sean Christopherson: "[PATCH] KVM: x86: Remove WARN sanity check on hypervisor timer vs. UNINITIALIZED vCPU"
Previous message: Thomas Gleixner: "Re: [patch 00/53] x86/topology: The final installment"
In reply to: Justin Stitt: "[PATCH 7/7] netfilter: xtables: refactor deprecated strncpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wednesday 2023-08-09 00:48, Justin Stitt wrote:

>Prefer `strscpy` as it's a more robust interface.
>
>There may have existed a bug here due to both `tbl->repl.name` and
>`info->name` having a size of 32 as defined below:
>| #define XT_TABLE_MAXNAMELEN 32
>
>This may lead to buffer overreads in some situations -- `strscpy` solves
>this by guaranteeing NUL-termination of the dest buffer.

It generally will not lead to overreads.
xt not only deals with strings on its own turf, it even takes
them from userspace-provided buffers, which means extra scrutiny is
absolutely required. Done in places like

x_tables.c: if (strnlen(name, XT_EXTENSION_MAXNAMELEN) == XT_EXTENSION_MAXNAMELEN)

(Which is not to say the strncpy->strscpy mop-up is bad.)

Next message: Sean Christopherson: "[PATCH] KVM: x86: Remove WARN sanity check on hypervisor timer vs. UNINITIALIZED vCPU"
Previous message: Thomas Gleixner: "Re: [patch 00/53] x86/topology: The final installment"
In reply to: Justin Stitt: "[PATCH 7/7] netfilter: xtables: refactor deprecated strncpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]