leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
98388bda6a
linux/Documentation
History
Kees Cook dfbafa70bd string: Introduce strtomem() and strtomem_pad() 
One of the "legitimate" uses of strncpy() is copying a NUL-terminated
string into a fixed-size non-NUL-terminated character array. To avoid
the weaknesses and ambiguity of intent when using strncpy(), provide
replacement functions that explicitly distinguish between trailing
padding and not, and require the destination buffer size be discoverable
by the compiler.

For example:

struct obj {
	int foo;
	char small[4] __nonstring;
	char big[8] __nonstring;
	int bar;
};

struct obj p;

/* This will truncate to 4 chars with no trailing NUL */
strncpy(p.small, "hello", sizeof(p.small));
/* p.small contains 'h', 'e', 'l', 'l' */

/* This will NUL pad to 8 chars. */
strncpy(p.big, "hello", sizeof(p.big));
/* p.big contains 'h', 'e', 'l', 'l', 'o', '\0', '\0', '\0' */

When the "__nonstring" attributes are missing, the intent of the
programmer becomes ambiguous for whether the lack of a trailing NUL
in the p.small copy is a bug. Additionally, it's not clear whether
the trailing padding in the p.big copy is _needed_. Both cases
become unambiguous with:

strtomem(p.small, "hello");
strtomem_pad(p.big, "hello", 0);

See also https://github.com/KSPP/linux/issues/90

Expand the memcpy KUnit tests to include these functions.

Cc: Wolfram Sang <wsa+renesas@sang-engineering.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
2022-09-07 16:37:26 -07:00
..
ABI xen: branch for v6.0-rc1b 2022-08-14 09:28:54 -07:00
accounting
admin-guide Fix the "IBPB mitigated RETBleed" mode of operation on AMD CPUs 2022-08-13 14:24:12 -07:00
arc
arm SPDX changes for 6.0-rc1 2022-08-04 12:12:54 -07:00
arm64 This was a moderately busy cycle for documentation, but nothing all that 2022-08-02 19:24:24 -07:00
block null_blk: add module parameters for 4 options 2022-08-02 17:14:50 -06:00
bpf bpf: Update bpf_design_QA.rst to clarify that BTF_ID does not ABIify a function 2022-08-04 13:17:24 -07:00
cdrom
core-api Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
cpu-freq
crypto
dev-tools - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
devicetree drm fixes for 6.0-rc2 2022-08-19 09:39:32 -07:00
doc-guide
driver-api cxl for 6.0 2022-08-10 11:07:26 -07:00
fault-injection SUNRPC: Fix server-side fault injection documentation 2022-07-29 20:08:56 -04:00
fb
features Xtensa updates for v5.20 2022-08-04 15:35:58 -07:00
filesystems f2fs-for-6.0 2022-08-08 11:18:31 -07:00
firmware_class
firmware-guide Documentation: ACPI: EINJ: Fix obsolete example 2022-07-21 17:05:42 +02:00
fpga
gpu Merge tag 'amd-drm-next-5.20-2022-07-26' of https://gitlab.freedesktop.org/agd5f/linux into drm-next 2022-07-27 09:33:45 +10:00
hid
hwmon This was a moderately busy cycle for documentation, but nothing all that 2022-08-02 19:24:24 -07:00
i2c docs: i2c: i2c-sysfs: fix hyperlinks 2022-08-11 23:25:05 +02:00
ia64
iio
images
infiniband
input
isdn
kbuild asm goto: eradicate CC_HAS_ASM_GOTO 2022-08-21 10:06:28 -07:00
kernel-hacking docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
leds
litmus-tests
livepatch
locking
loongarch docs/LoongArch: Add I14 description 2022-08-12 13:10:11 +08:00
m68k video: fbdev: atari: Fix inverse handling 2022-07-18 07:56:17 +02:00
maintainer
mhi
mips
misc-devices
mm Documentation/mm: add details about kmap_local_page() and preemption 2022-08-08 18:06:46 -07:00
netlabel
networking docs: net: bonding: remove mentions of trans_start 2022-08-03 19:20:13 -07:00
nios2
nvdimm
openrisc
parisc
PCI Fix of heap data and clang warnings, support for a new Intel NTB device, 2022-08-13 14:00:45 -07:00
pcmcia
peci
power Merge branches 'pm-devfreq', 'pm-qos', 'pm-tools' and 'pm-docs' 2022-07-29 19:46:00 +02:00
powerpc docs: powerpc: add elf_hwcaps to table of contents 2022-07-28 16:19:47 +10:00
process string: Introduce strtomem() and strtomem_pad() 2022-09-07 16:37:26 -07:00
RCU
riscv
s390 s390/docs: fix warnings for vfio_ap driver doc 2022-07-22 13:54:07 +02:00
scheduler
scsi SCSI misc on 20220804 2022-08-04 19:47:37 -07:00
security
sh
sound
sparc
sphinx
sphinx-static
spi
staging
target
timers
tools rtla: Fix tracer name 2022-08-10 11:43:59 -04:00
trace Tracing updates for 5.20 / 6.0 2022-08-05 09:41:12 -07:00
translations LoongArch changes for v5.20 2022-08-12 09:44:23 -07:00
usb
userspace-api SCSI misc on 20220804 2022-08-04 19:47:37 -07:00
virt KVM: x86/MMU: properly format KVM_CAP_VM_DISABLE_NX_HUGE_PAGES capability table 2022-08-11 02:35:37 -04:00
w1
watchdog watchdog/pseries-wdt: initial support for H_WATCHDOG-based watchdog timers 2022-07-20 21:57:39 +10:00
x86 dma-mapping updates 2022-08-06 10:56:45 -07:00
xtensa
.gitignore
arch.rst
asm-annotations.rst
atomic_bitops.txt locking/atomic: Make test_and_*_bit() ordered on failure 2022-08-16 09:19:43 -07:00
atomic_t.txt
Changes
CodingStyle
conf.py
docutils.conf
dontdiff
index.rst
Kconfig
Makefile
memory-barriers.txt
SubmittingPatches