linux/lib
Kees Cook 0efc5990bc string.h: Introduce memtostr() and memtostr_pad()
Another ambiguous use of strncpy() is to copy from strings that may not
be NUL-terminated. These cases depend on having the destination buffer
be explicitly larger than the source buffer's maximum size, having
the size of the copy exactly match the source buffer's maximum size,
and for the destination buffer to get explicitly NUL terminated.

This usually happens when parsing protocols or hardware character arrays
that are not guaranteed to be NUL-terminated. The code pattern is
effectively this:

	char dest[sizeof(src) + 1];

	strncpy(dest, src, sizeof(src));
	dest[sizeof(dest) - 1] = '\0';

In practice it usually looks like:

struct from_hardware {
	...
	char name[HW_NAME_SIZE] __nonstring;
	...
};

	struct from_hardware *p = ...;
	char name[HW_NAME_SIZE + 1];

	strncpy(name, p->name, HW_NAME_SIZE);
	name[HW_NAME_SIZE] = '\0';

This cannot be replaced with:

	strscpy(name, p->name, sizeof(name));

because p->name is smaller and not NUL-terminated, so FORTIFY will
trigger when strnlen(p->name, sizeof(name)) is used. And it cannot be
replaced with:

	strscpy(name, p->name, sizeof(p->name));

because then "name" may contain a 1 character early truncation of
p->name.

Provide an unambiguous interface for converting a maybe not-NUL-terminated
string to a NUL-terminated string, with compile-time buffer size checking
so that it can never fail at runtime: memtostr() and memtostr_pad(). Also
add KUnit tests for both.

Link: https://lore.kernel.org/r/20240410023155.2100422-1-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
2024-04-24 08:57:09 -07:00
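
The one-character truncation described in the commit message, next to a compile-time-checked conversion, as an added userspace example (not code from the commit or the kernel). strscpy_model(), MEMTOSTR_DEMO(), bounded_len(), convert() and the sample record are hypothetical names constructed for this demo; the first rejected form is omitted because it would read past p->name.

```c
#include <string.h>

#define HW_NAME_SIZE 8			/* constructed size for this demo */
struct from_hardware {			/* constructed stand-in record */
	char name[HW_NAME_SIZE];	/* may use all 8 bytes, no NUL */
	char serial[4];
};
/* Constructed sample: the name fills its field with no terminator. */
const struct from_hardware full_name = {
	{ 'S', 'E', 'N', 'S', 'O', 'R', '0', '1' }, { '1', '2', '3', '4' } };

/* Bytes before the first NUL, examining at most max bytes of s. */
static size_t bounded_len(const char *s, size_t max)
{
	const char *nul = memchr(s, '\0', max);
	return nul ? (size_t)(nul - s) : max;
}

/* Model of strscpy() semantics (assumption of this demo): copy at most
 * count - 1 bytes, always terminate, return -1 if src did not fit. */
static long strscpy_model(char *dst, const char *src, size_t count)
{
	size_t len = count ? bounded_len(src, count - 1) : 0;

	if (count == 0)
		return -1;
	memcpy(dst, src, len);
	dst[len] = '\0';
	return src[len] ? -1 : (long)len;
}

/* Hypothetical analogue of the described interface, not the kernel macro:
 * array arguments only, a too-small dest is rejected at compile time. */
#define MEMTOSTR_DEMO(dest, src) do {					\
	_Static_assert(sizeof(dest) > sizeof(src), "no room for NUL");	\
	size_t n_ = bounded_len((src), sizeof(src));			\
	memcpy((dest), (src), n_);					\
	(dest)[n_] = '\0';						\
} while (0)

/* String lengths each approach yields for the same record. */
struct result { size_t via_strscpy, via_memtostr; };
struct result convert(const struct from_hardware *p)
{
	char a[HW_NAME_SIZE + 1], b[HW_NAME_SIZE + 1];

	strscpy_model(a, p->name, sizeof(p->name)); /* 2nd rejected form */
	MEMTOSTR_DEMO(b, p->name);
	return (struct result){ strlen(a), strlen(b) };
}
```

For a name that fills the field, the strscpy form yields 7 characters and the macro yields all 8; declaring the destination as char[HW_NAME_SIZE] instead makes the macro fail to compile.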
842
crypto crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init 2023-12-22 12:30:19 +08:00
dim
fonts fbdev fixes and cleanups for 6.9-rc1: 2024-03-22 10:09:08 -07:00
kunit kunit: test: Log the correct filter string in executor_test 2024-02-27 15:25:50 -07:00
lz4
lzo
math mul_u64_u64_div_u64: increase precision by conditionally swapping a and b 2024-03-12 13:09:22 -07:00
pldmfw
raid6 - Kuan-Wei Chiu has developed the well-named series "lib min_heap: Min 2024-03-14 18:03:09 -07:00
reed_solomon
test_fortify string: Remove strlcpy() 2024-01-19 11:59:11 -08:00
vdso
xz arch: Remove Itanium (IA-64) architecture 2023-09-11 08:13:17 +00:00
zlib_deflate
zlib_dfltcc
zlib_inflate
zstd zstd: Fix array-index-out-of-bounds UBSAN warning 2023-11-14 17:12:52 -08:00
.gitignore
argv_split.c argv_split: fix kernel-doc warnings 2023-09-19 13:21:33 -07:00
ashldi3.c
ashrdi3.c
asn1_decoder.c
asn1_encoder.c
assoc_array.c assoc_array: fix the return value in assoc_array_insert_mid_shortcut() 2024-03-12 13:09:23 -07:00
atomic64.c
atomic64_test.c
audit.c
base64.c
bcd.c
bch.c lib/bch.c: use bitrev instead of internal logic 2023-08-18 10:18:58 -07:00
bitfield_kunit.c
bitmap-str.c lib/bitmap: split-out string-related operations to a separate files 2023-10-14 20:25:22 -07:00
bitmap.c cpumask: add cpumask_weight_andnot() 2024-02-01 13:06:40 +01:00
bitrev.c
bootconfig-data.S
bootconfig.c
bsearch.c
btree.c
bucket_locks.c
bug.c
build_OID_registry
buildid.c - Kuan-Wei Chiu has developed the well-named series "lib min_heap: Min 2024-03-14 18:03:09 -07:00
bust_spinlocks.c
check_signature.c
checksum.c
checksum_kunit.c kunit: Fix again checksum tests on big endian CPUs 2024-02-29 09:16:02 -08:00
closure.c closures: CLOSURE_CALLBACK() to fix type punning 2023-11-24 00:29:58 -05:00
clz_ctz.c lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels 2023-08-25 13:22:10 -07:00
clz_tab.c
cmdline.c
cmdline_kunit.c lib/cmdline: Fix an invalid format specifier in an assertion msg 2024-02-27 15:25:56 -07:00
cmpdi2.c
compat_audit.c
cpu_rmap.c
cpumask.c bitmap patches for v6.7 2023-11-03 07:08:36 -10:00
cpumask_kunit.c
crc-ccitt.c lib: crc_ccitt_false() is identical to crc_itu_t() 2023-12-29 12:22:26 -08:00
crc-itu-t.c
crc-t10dif.c
crc4.c
crc7.c
crc8.c
crc16.c
crc32.c
crc32defs.h
crc32test.c
crc64-rocksoft.c
crc64.c
ctype.c
debug_info.c
debug_locks.c
debugobjects.c debugobjects: Stop accessing objects after releasing hash bucket lock 2023-11-22 10:41:46 +01:00
dec_and_lock.c
decompress.c
decompress_bunzip2.c
decompress_inflate.c
decompress_unlz4.c
decompress_unlzma.c
decompress_unlzo.c
decompress_unxz.c arch: Remove Itanium (IA-64) architecture 2023-09-11 08:13:17 +00:00
decompress_unzstd.c
devmem_is_allowed.c
devres.c PCI: Move PCI-specific devres code to drivers/pci/ 2024-02-12 10:36:17 -06:00
dhry.h
dhry_1.c lib: dhry: use ktime_ms_delta() helper 2024-02-22 15:38:52 -08:00
dhry_2.c
dhry_run.c lib: dhry: remove unneeded <linux/mutex.h> 2024-02-22 15:38:52 -08:00
digsig.c
dump_stack.c dump_stack: Do not get cpu_sync for panic CPU 2024-02-07 17:23:19 +01:00
dynamic_debug.c dyndbg: replace kstrdup() + strchr() with kstrdup_and_replace() 2024-03-06 13:07:39 -08:00
dynamic_queue_limits.c net: dqs: add NIC stall detector based on BQL 2024-03-08 10:23:26 +00:00
earlycpio.c
errname.c parisc: Drop the HP-UX ENOSYM and EREMOTERELEASE error codes 2023-11-25 09:43:18 +01:00
error-inject.c lib: error-inject: remove error checking for debugfs_create_dir() 2023-08-18 10:18:55 -07:00
errseq.c
extable.c
fault-inject-usercopy.c
fault-inject.c
fdt.c
fdt_addresses.c
fdt_empty_tree.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
find_bit.c
find_bit_benchmark.c
flex_proportions.c flex_proportions: remove unused fprop_local_single 2024-02-22 15:38:52 -08:00
fortify_kunit.c fortify: Improve buffer overflow reporting 2024-02-29 13:38:02 -08:00
fw_table.c lib/firmware_table: Provide buffer length argument to cdat_table_parse() 2024-03-13 00:03:21 -07:00
gen_crc32table.c
gen_crc64table.c
genalloc.c Devicetree include cleanups for v6.6: 2023-08-30 17:04:28 -07:00
generic-radix-tree.c lib/generic-radix-tree.c: Make nodes more reasonably sized 2024-03-13 21:22:26 -04:00
glob.c
globtest.c
group_cpus.c lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly 2023-12-06 16:12:46 -08:00
hashtable_test.c
hexdump.c
hweight.c
idr.c ida: Fix crash in ida_free when the bitmap is empty 2023-12-21 10:02:28 -08:00
inflate.c
interval_tree.c
interval_tree_test.c
iomap.c
iomap_copy.c
iommu-helper.c
iov_iter.c vfs-6.9.misc 2024-03-11 09:38:17 -07:00
irq_poll.c
irq_regs.c
is_signed_type_kunit.c
is_single_threaded.c
kasprintf.c
Kconfig PCI: Move pci_iomap.c to drivers/pci/ 2024-02-12 10:35:40 -06:00
Kconfig.debug string: Merge strcat KUnit tests into string_kunit.c 2024-04-19 13:12:01 -07:00
Kconfig.kasan treewide: update LLVM Bugzilla links 2024-02-22 15:38:51 -08:00
Kconfig.kcsan
Kconfig.kfence mm/slab: remove CONFIG_SLAB from all Kconfig and Makefile 2023-12-05 11:14:40 +01:00
Kconfig.kgdb vt: remove superfluous CONFIG_HW_CONSOLE 2024-01-27 19:03:51 -08:00
Kconfig.kmsan mm/slab: remove CONFIG_SLAB from all Kconfig and Makefile 2023-12-05 11:14:40 +01:00
Kconfig.ubsan ubsan: Disable signed integer overflow sanitizer on GCC < 8 2024-03-18 11:24:14 -07:00
kfifo.c
klist.c
kobject.c Revert "kobject: Remove redundant checks for whether ktype is NULL" 2024-02-08 16:39:25 +00:00
kobject_uevent.c kobject: reduce uevent_sock_mutex scope 2024-02-17 16:20:41 +01:00
kstrtox.c kstrtox: consistently use _tolower() 2023-08-21 13:46:25 -07:00
kstrtox.h
kunit_iov_iter.c iov_iter: Kunit tests for page extraction 2023-09-09 15:11:49 -07:00
libcrc32c.c
linear_ranges.c
list-test.c
list_debug.c
list_sort.c
llist.c llist: add llist_del_first_this() 2023-10-16 12:44:06 -04:00
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-rtmutex.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c
logic_iomem.c
logic_pio.c minmax: add in_range() macro 2023-08-24 16:20:18 -07:00
lru_cache.c
lshrdi3.c
lwq.c lib: add light-weight queuing mechanism. 2023-10-16 12:44:06 -04:00
Makefile string: Merge strcat KUnit tests into string_kunit.c 2024-04-19 13:12:01 -07:00
maple_tree.c - Sumanth Korikkar has taught s390 to allocate hotplug-time page frames 2024-03-14 17:43:30 -07:00
memcat_p.c
memcpy_kunit.c Revert "kunit: memcpy: Split slow memcpy tests into MEMCPY_SLOW_KUNIT_TEST" 2024-03-18 11:24:15 -07:00
memory-notifier-error-inject.c
memregion.c
memweight.c
muldi3.c
net_utils.c
netdev-notifier-error-inject.c
nlattr.c netlink: add nla be16/32 types to minlen array 2024-02-22 19:01:55 -08:00
nmi_backtrace.c nmi_backtrace: allow excluding an arbitrary CPU 2023-08-18 10:19:00 -07:00
notifier-error-inject.c lib: remove error checking for debugfs_create_dir() 2023-08-18 10:18:55 -07:00
notifier-error-inject.h
objagg.c
objpool.c lib: objpool: fix head overrun on RK3588 SBC 2023-12-01 14:53:55 +09:00
of-reconfig-notifier-error-inject.c
oid_registry.c
once.c
overflow_kunit.c overflow: Change DEFINE_FLEX to take __counted_by member 2024-03-22 16:25:31 -07:00
packing.c
parman.c
parser.c
percpu-refcount.c
percpu_counter.c percpu_counter: extend _limited_add() to negative amounts 2023-10-18 14:34:14 -07:00
percpu_test.c
plist.c
pm-notifier-error-inject.c
polynomial.c
radix-tree.c radix tree: remove unused variable 2023-08-21 13:07:22 -07:00
radix-tree.h
random32.c
ratelimit.c
rbtree.c
rbtree_test.c
rcuref.c locking/atomics: Use atomic_try_cmpxchg_release() to micro-optimize rcuref_put_slowpath() 2023-10-10 10:14:27 +02:00
ref_tracker.c
refcount.c
rhashtable.c
sbitmap.c sbitmap: remove stale comment in sbq_calc_wake_batch 2024-01-15 07:23:50 -07:00
scatterlist.c scatterlist: add missing function params to kernel-doc 2023-09-19 13:21:33 -07:00
seq_buf.c seq_buf: Fix kernel documentation 2024-02-15 12:17:28 -05:00
sg_pool.c
sg_split.c
siphash.c
siphash_kunit.c
slub_kunit.c
smp_processor_id.c
sort.c lib/sort: optimize heapsort with double-pop variation 2024-02-22 15:38:52 -08:00
stackdepot.c lib/stackdepot: off by one in depot_fetch_stack() 2024-03-04 17:01:17 -08:00
stackinit_kunit.c - Kuan-Wei Chiu has developed the well-named series "lib min_heap: Min 2024-03-14 18:03:09 -07:00
stmp_device.c
string.c string: Allow 2-argument strscpy() 2024-02-20 20:47:32 -08:00
string_helpers.c lib/string_helpers: Add flags param to string_get_size() 2024-02-29 22:34:42 -08:00
string_helpers_kunit.c string: Convert helpers selftest to KUnit 2024-03-05 01:55:28 -08:00
string_kunit.c string.h: Introduce memtostr() and memtostr_pad() 2024-04-24 08:57:09 -07:00
strncpy_from_user.c
strnlen_user.c
syscall.c
test-kstrtox.c
test_bitmap.c lib/bitmap: Introduce bitmap_scatter() and bitmap_gather() helpers 2024-03-11 09:36:11 +00:00
test_bitops.c
test_bits.c
test_blackhole_dev.c net: blackhole_dev: fix build warning for ethh set but not used 2024-02-05 12:30:54 +00:00
test_bpf.c test_bpf: Rename second ALU64_SMOD_X to ALU64_SMOD_K 2023-12-09 21:27:54 -08:00
test_debug_virtual.c
test_dynamic_debug.c
test_firmware.c firmware_loader: Expand Firmware upload error codes with firmware invalid error 2023-11-24 18:09:19 -08:00
test_fprobe.c
test_fpu.c
test_free_pages.c
test_hash.c
test_hexdump.c
test_hmm.c lib: replace kmap() with kmap_local_page() 2023-08-18 10:18:50 -07:00
test_hmm_uapi.h
test_ida.c Quite a lot of kexec work this time around. Many singleton patches in 2024-01-09 11:46:20 -08:00
test_kmod.c lib/test_kmod: fix kernel-doc warnings 2024-02-02 10:21:26 -08:00
test_kprobes.c
test_linear_ranges.c
test_list_sort.c
test_lockup.c
test_maple_tree.c test_maple_tree: testing the cyclic allocation 2024-02-21 09:34:26 +01:00
test_memcat_p.c
test_meminit.c mm, treewide: introduce NR_PAGE_ORDERS 2024-01-08 15:27:15 -08:00
test_min_heap.c
test_module.c
test_objagg.c
test_objpool.c lib: test_objpool: make global variables static 2023-11-10 19:59:04 +09:00
test_parman.c
test_printf.c lib/vsprintf: declare no_hash_pointers in sprintf.h 2023-08-21 13:46:24 -07:00
test_ref_tracker.c
test_rhashtable.c Kill sched.h dependency on rcupdate.h 2023-12-27 11:50:20 -05:00
test_scanf.c
test_sort.c
test_static_key_base.c
test_static_keys.c
test_sysctl.c sysctl: Remove the now superfluous sentinel elements from ctl_table array 2023-12-28 04:57:57 -08:00
test_ubsan.c ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
test_user_copy.c
test_uuid.c
test_vmalloc.c lib/test_vmalloc.c: use unsigned long constant 2024-03-04 17:01:22 -08:00
test_xarray.c XArray: add cmpxchg order test 2024-02-22 10:24:48 -08:00
textsearch.c
timerqueue.c
trace_readwrite.c lib/trace_readwrite.c:: replace asm-generic/io with linux/io 2023-12-29 12:22:29 -08:00
ts_bm.c
ts_fsm.c
ts_kmp.c
ubsan.c ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
ubsan.h ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
ucmpdi2.c
ucs2_string.c lib/ucs2_string: Add UCS-2 strscpy function 2023-09-13 10:18:42 -07:00
usercopy.c
uuid.c
vsprintf.c lib/vsprintf: Fix %pfwf when current node refcount == 0 2023-12-06 11:06:59 +01:00
win_minmax.c
xarray.c xarray: Document necessary flag in alloc functions 2023-09-05 19:01:38 -04:00
xxhash.c