From: Daniel Thompson <daniel.thompson@linaro.org>
To: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Nick Desaulniers <nick.desaulniers@gmail.com>,
	Arnd Bergmann <arnd@arndb.de>,
	Jason Wessel <jason.wessel@windriver.com>,
	Randy Dunlap <rdunlap@infradead.org>,
	Baolin Wang <baolin.wang@linaro.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	kgdb-bugreport@lists.sourceforge.net,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	ebiggers@google.com
Subject: Re: [PATCH] kdb: prefer strlcpy to strncpy
Date: Thu, 31 May 2018 09:24:28 +0100
Message-ID: <20180531082428.c5z7cpdetdrhy5wd@holly.lan>
In-Reply-To: <CAMuHMdXE980MDNO4mxOkwO=5AWV=Nzwwu1Sjt653AK8bMHbWsA@mail.gmail.com>

On Wed, May 30, 2018 at 10:47:13PM +0200, Geert Uytterhoeven wrote:
> Hi Daniel,
> 
> On Wed, May 30, 2018 at 4:34 PM, Daniel Thompson
> <daniel.thompson@linaro.org> wrote:
> > On Tue, May 29, 2018 at 07:01:35PM -0700, Nick Desaulniers wrote:
> >> On Tue, May 29, 2018 at 12:57 AM, Arnd Bergmann <arnd@arndb.de> wrote:
> >> > On Tue, May 29, 2018 at 7:57 AM, Nick Desaulniers
> >> > <nick.desaulniers@gmail.com> wrote:
> >> >> Fixes stringop-truncation and stringop-overflow warnings from gcc-8.
> 
> >> Eric points out that this will leak kernel memory if size is less than
> >> sizeof src.
> >
> > Don't quite understand what this means (there's no allocation here, how
> > can there be a leak?) but the symbol completion certainly won't work if
> > we truncate the copy here.
> 
> Not leak as in memory leak, but leak as in information leak of uninitialized
> data to userspace (if the buffer is ever copied to userspace).

I see... I saw "leak", I saw "memory" and was perhaps too quick to link
the two together.

The underlying bug is a buffer overflow (so a good catch and I look
forward to a v2) but, with or without Nick's change, I can't see a leak
in either sense of the word in the code that Arnd was commenting on[1].


Daniel.


[1] Clearly the undefined behaviour post-overflow *could* be a leak but
    I stopped analyzing after the overflow.
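
Added example, not part of the message above and not the kdb code under review: a general user-space illustration of how strncpy and strlcpy treat a destination buffer, which is the kind of stale-data disclosure Geert describes. demo_strlcpy, BUF_SIZE, STALE and the sample strings are constructed for the illustration; whether the effect applies to the kdb call sites is not shown on this page.

```c
#include <stddef.h>
#include <string.h>

#define BUF_SIZE 16
#define STALE 0xAA /* constructed marker standing in for leftover data */

/* Hypothetical local stand-in with strlcpy semantics, so the example builds
 * on C libraries that do not ship strlcpy. */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);

    if (size) {
        size_t n = len >= size ? size - 1 : len;
        memcpy(dst, src, n);
        dst[n] = '\0';          /* always terminated, tail left untouched */
    }
    return len;                 /* len >= size means the copy was truncated */
}

/* Fill a buffer with the marker, copy src into it, then report whether the
 * result is NUL-terminated and how many marker bytes remain after the
 * terminator (what a whole-buffer copy-out would disclose). */
static void copy_and_inspect(const char *src, int use_strlcpy,
                             int *terminated, size_t *stale)
{
    char buf[BUF_SIZE];
    char *nul;

    memset(buf, STALE, sizeof(buf));
    if (use_strlcpy)
        demo_strlcpy(buf, src, sizeof(buf));
    else
        strncpy(buf, src, sizeof(buf));   /* zero-pads, may not terminate */

    nul = memchr(buf, '\0', sizeof(buf));
    *terminated = nul != NULL;
    *stale = 0;
    for (char *p = nul; p && p < buf + sizeof(buf); p++)
        *stale += (unsigned char)*p == STALE;
}

size_t stale_tail(const char *src, int use_strlcpy)
{
    int t; size_t s;
    copy_and_inspect(src, use_strlcpy, &t, &s);
    return s;
}

int is_terminated(const char *src, int use_strlcpy)
{
    int t; size_t s;
    copy_and_inspect(src, use_strlcpy, &t, &s);
    return t;
}
```

With a short source, strncpy leaves no marker bytes because it zero-fills the tail, while the strlcpy-style copy leaves every byte after the terminator as it was; with an over-long source, strncpy leaves the buffer unterminated and the strlcpy-style copy truncates and terminates.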
