linux/Documentation/process
Kees Cook dfbafa70bd string: Introduce strtomem() and strtomem_pad()
One of the "legitimate" uses of strncpy() is copying a NUL-terminated
string into a fixed-size non-NUL-terminated character array. To avoid
the weaknesses and ambiguity of intent when using strncpy(), provide
replacement functions that explicitly distinguish between trailing
padding and not, and require the destination buffer size be discoverable
by the compiler.

For example:

	struct obj {
		int foo;
		char small[4] __nonstring;
		char big[8] __nonstring;
		int bar;
	};

	struct obj p;

	/* This will truncate to 4 chars with no trailing NUL */
	strncpy(p.small, "hello", sizeof(p.small));
	/* p.small contains 'h', 'e', 'l', 'l' */

	/* This will NUL pad to 8 chars. */
	strncpy(p.big, "hello", sizeof(p.big));
	/* p.big contains 'h', 'e', 'l', 'l', 'o', '\0', '\0', '\0' */

When the "__nonstring" attributes are missing, the intent of the
programmer becomes ambiguous for whether the lack of a trailing NUL
in the p.small copy is a bug. Additionally, it's not clear whether
the trailing padding in the p.big copy is _needed_. Both cases
become unambiguous with:

	strtomem(p.small, "hello");
	strtomem_pad(p.big, "hello", 0);

See also https://github.com/KSPP/linux/issues/90

Expand the memcpy KUnit tests to include these functions.

Cc: Wolfram Sang <wsa+renesas@sang-engineering.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
2022-09-07 16:37:26 -07:00
1.Intro.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
2.Process.rst Documentation: process: step 2: Link to email list fixed. 2020-09-03 10:31:03 -06:00
3.Early-stage.rst Documentation/process: use scripts/get_maintainer.pl on patches 2022-05-09 16:12:16 -06:00
4.Coding.rst doc: use KCFLAGS instead of EXTRA_CFLAGS to pass flags from command line 2021-02-22 13:59:10 -07:00
5.Posting.rst docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
6.Followthrough.rst
7.AdvancedTopics.rst Replace HTTP links with HTTPS ones: documentation 2020-06-08 09:30:19 -06:00
8.Conclusion.rst docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
adding-syscalls.rst docs: Make syscalls' helpers naming consistent 2021-02-04 14:47:24 -07:00
applying-patches.rst Documentation: describe how to apply incremental stable patches 2022-03-09 16:29:44 -07:00
botching-up-ioctls.rst Replace HTTP links with HTTPS ones: Documentation/process 2020-06-26 11:19:43 -06:00
changes.rst scripts/check-local-export: avoid 'wait $!' for process substitution 2022-06-10 03:47:13 +09:00
clang-format.rst Documentation: fix typos found in process, dev-tools, and doc-guide subdirectories 2020-12-03 15:55:04 -07:00
code-of-conduct-interpretation.rst Code of Conduct Interpretation: Put in the proper URL for the committee 2018-10-22 07:33:36 +01:00
code-of-conduct.rst Code of Conduct: Change the contact email address 2018-10-22 07:33:36 +01:00
coding-style.rst coding-style.rst: trivial: fix location of driver model macros 2021-10-26 09:39:49 -06:00
deprecated.rst string: Introduce strtomem() and strtomem_pad() 2022-09-07 16:37:26 -07:00
development-process.rst
email-clients.rst Documentation: process: Update email client instructions for Thunderbird 2022-07-20 15:17:09 -06:00
embargoed-hardware-issues.rst docs: embargoed-hardware-issues: fix invalid AMD contact email 2022-07-29 16:10:04 +02:00
handling-regressions.rst docs: *-regressions.rst: explain how quickly issues should be handled 2022-02-24 12:57:25 -07:00
howto.rst docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
index.rst docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
kernel-docs.rst sound updates for 6.0-rc1 2022-08-06 10:19:51 -07:00
kernel-driver-statement.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
kernel-enforcement-statement.rst Documentation: drop optional BOMs 2021-05-10 15:17:34 -06:00
license-rules.rst LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
magic-number.rst tty: remove TTY_LDISC_MAGIC 2021-03-10 09:34:06 +01:00
maintainer-handbooks.rst docs: netdev: move the netdev-FAQ to the process pages 2022-03-31 10:49:39 +02:00
maintainer-netdev.rst docs: netdev: add a cheat sheet for the rules 2022-07-04 10:06:50 +01:00
maintainer-pgp-guide.rst Documentation/process/maintainer-pgp-guide: Replace broken link to PGP path finder 2021-08-24 13:23:21 -06:00
maintainer-tip.rst x86/configs: Add x86 debugging Kconfig fragment plus docs 2022-04-06 19:56:29 +02:00
maintainers.rst doc-rst: Programmatically render MAINTAINERS into ReST 2019-10-02 10:03:17 -06:00
management-style.rst Documentation: management-style: Fix formatting of emphsized word 2020-03-10 11:32:34 -06:00
programming-language.rst Kbuild: move to -std=gnu11 2022-03-13 17:31:37 +09:00
researcher-guidelines.rst Documentation/process: Add Researcher Guidelines 2022-03-09 16:19:23 -07:00
stable-api-nonsense.rst doc: process: GPL -> GPL-compatible 2019-02-01 16:19:11 -07:00
stable-kernel-rules.rst Documentation: update stable review cycle documentation 2022-03-18 14:32:49 +01:00
submit-checklist.rst doc: use KCFLAGS instead of EXTRA_CFLAGS to pass flags from command line 2021-02-22 13:59:10 -07:00
submitting-patches.rst docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
volatile-considered-harmful.rst Replace HTTP links with HTTPS ones: documentation 2020-06-08 09:30:19 -06:00