string.h: Validate memtostr*()/strtomem*() arguments more carefully

Since these functions handle moving between C strings and non-C strings,
they should check for the appropriate presence/lack of the nonstring
attribute on arguments.

Signed-off-by: Kees Cook <kees@kernel.org>

+12 -4
+12 -4
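--- a/include/linux/string.h
+++ b/include/linux/string.h
@@ -415,8 +415,10 @@
 */
 #define strtomem_pad(dest, src, pad) do { \
 const size_t _dest_len = __must_be_byte_array(dest) + \
+__must_be_noncstr(dest) + \
 ARRAY_SIZE(dest); \
-const size_t _src_len = __builtin_object_size(src, 1); \
+const size_t _src_len = __must_be_cstr(src) + \
+__builtin_object_size(src, 1); \
 \
 BUILD_BUG_ON(!__builtin_constant_p(_dest_len) || \
 _dest_len == (size_t)-1); \
@@ -439,8 +441,10 @@
 */
 #define strtomem(dest, src) do { \
 const size_t _dest_len = __must_be_byte_array(dest) + \
+__must_be_noncstr(dest) + \
 ARRAY_SIZE(dest); \
-const size_t _src_len = __builtin_object_size(src, 1); \
+const size_t _src_len = __must_be_cstr(src) + \
+__builtin_object_size(src, 1); \
 \
 BUILD_BUG_ON(!__builtin_constant_p(_dest_len) || \
 _dest_len == (size_t)-1); \
@@ -459,8 +463,10 @@
 */
 #define memtostr(dest, src) do { \
 const size_t _dest_len = __must_be_byte_array(dest) + \
+__must_be_cstr(dest) + \
 ARRAY_SIZE(dest); \
-const size_t _src_len = __builtin_object_size(src, 1); \
+const size_t _src_len = __must_be_noncstr(src) + \
+__builtin_object_size(src, 1); \
 const size_t _src_chars = strnlen(src, _src_len); \
 const size_t _copy_len = min(_dest_len - 1, _src_chars); \
 \
@@ -485,8 +491,10 @@
 */
 #define memtostr_pad(dest, src) do { \
 const size_t _dest_len = __must_be_byte_array(dest) + \
+__must_be_cstr(dest) + \
 ARRAY_SIZE(dest); \
-const size_t _src_len = __builtin_object_size(src, 1); \
+const size_t _src_len = __must_be_noncstr(src) + \
+__builtin_object_size(src, 1); \
 const size_t _src_chars = strnlen(src, _src_len); \
 const size_t _copy_len = min(_dest_len - 1, _src_chars); \
 \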
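Review bot: The kernel-doc blocks that close at the `*/` context line above each of the four macros are not touched, although the macros now break the build unless the arguments carry the right annotation, so each comment should state the new requirement. For strtomem()/strtomem_pad() that could read `* @dest must be marked __nonstring and @src must be a NUL-terminated C string; both are enforced at build time.`, with the mirror sentence for memtostr()/memtostr_pad(). The comment bodies lie outside the visible hunks, so they may already say this and are worth checking. __must_be_cstr() and __must_be_noncstr() are also defined outside this section; presumably they depend on the compiler being able to query the nonstring attribute, so confirm that on a compiler without that ability the checks compile away rather than rejecting every caller of memtostr*().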