iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,217,309 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Kees Cook 6c99679e4a string: Adjust strtomem() logic to allow for smaller sources 
[ Upstream commit 0e108725f6cc5b3be9e607f89c9fbcbb236367b7 ]

Arnd noticed we have a case where a shorter source string is being copied
into a destination byte array, but this results in a strnlen() call that
exceeds the size of the source. This is seen with -Wstringop-overread:

In file included from ../include/linux/uuid.h:11,
                 from ../include/linux/mod_devicetable.h:14,
                 from ../include/linux/cpufeature.h:12,
                 from ../arch/x86/coco/tdx/tdx.c:7:
../arch/x86/coco/tdx/tdx.c: In function 'tdx_panic.constprop':
../include/linux/string.h:284:9: error: 'strnlen' specified bound 64 exceeds source size 60 [-Werror=stringop-overread]
  284 |         memcpy_and_pad(dest, _dest_len, src, strnlen(src, _dest_len), pad); \
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../arch/x86/coco/tdx/tdx.c:124:9: note: in expansion of macro 'strtomem_pad'
  124 |         strtomem_pad(message.str, msg, '\0');
      |         ^~~~~~~~~~~~

Use the smaller of the two buffer sizes when calling strnlen(). When
src length is unknown (SIZE_MAX), it is adjusted to use dest length,
which is what the original code did.

Reported-by: Arnd Bergmann <arnd@arndb.de>
Fixes: dfbafa70bde2 ("string: Introduce strtomem() and strtomem_pad()")
Tested-by: Arnd Bergmann <arnd@arndb.de>
Cc: Andy Shevchenko <andy@kernel.org>
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-11-20 11:58:54 +01:00
arch
x86/nmi: Fix out-of-order NMI nesting checks & false positive warning
2023-11-20 11:58:53 +01:00
block
blk-throttle: check for overflow in calculate_bytes_allowed
2023-10-20 18:38:17 -06:00
certs
certs: Reference revocation list for all keyrings
2023-08-17 20:12:41 +00:00
crypto
KEYS: asymmetric: Fix sign/verify on pkcs1pad without a hash
2023-10-18 12:27:10 +08:00
Documentation
x86/srso: Fix vulnerability reporting for missing microcode
2023-11-20 11:58:52 +01:00
drivers
drivers/clocksource/timer-ti-dm: Don't call clk_get_rate() in stop function
2023-11-20 11:58:53 +01:00
fs
pstore/platform: Add check for kstrdup
2023-11-20 11:58:53 +01:00
include
string: Adjust strtomem() logic to allow for smaller sources
2023-11-20 11:58:54 +01:00
init
workqueue: Changes for v6.6
2023-09-01 16:06:32 -07:00
io_uring
assorted fixes all over the place
2023-10-27 16:44:58 -10:00
ipc
Add x86 shadow stack support
2023-08-31 12:20:12 -07:00
kernel
perf: Optimize perf_cgroup_switch()
2023-11-20 11:58:53 +01:00
lib
maple_tree: add GFP_KERNEL to allocations in mas_expected_entries()
2023-10-18 12:12:41 -07:00
LICENSES
LICENSES: Add the copyleft-next-0.3.1 license
2022-11-08 15:44:01 +01:00
mm
vfs: fix readahead(2) on block devices
2023-11-20 11:58:52 +01:00
net
netfilter pull request 23-10-25
2023-10-25 16:02:06 -07:00
rust
rust: docs: fix logo replacement
2023-10-19 16:40:00 +02:00
samples
VFIO updates for v6.6-rc1
2023-08-30 20:36:01 -07:00
scripts
x86/srso: Fix unret validation dependencies
2023-11-20 11:58:52 +01:00
security
KEYS: trusted: Remove redundant static calls usage
2023-10-10 11:19:43 -07:00
sound
ASoC: SOF: sof-pci-dev: Fix community key quirk detection
2023-11-08 11:56:24 +01:00
tools
selftests/x86/lam: Zero out buffer for readlink()
2023-11-20 11:58:54 +01:00
usr
initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP
2023-06-06 17:54:49 +09:00
virt
ARM:
2023-09-07 13:52:20 -07:00
.clang-format
iommu: Add for_each_group_device()
2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore
get_maintainer: add Alan to .get_maintainer.ignore
2022-08-20 15:17:44 -07:00
.gitattributes
.gitattributes: set diff driver for Rust source code files
2023-05-31 17:48:25 +02:00
.gitignore
kbuild: rpm-pkg: rename binkernel.spec to kernel.spec
2023-07-25 00:59:33 +09:00
.mailmap
20 hotfixes. 12 are cc:stable and the remainder address post-6.5 issues
2023-10-24 09:52:16 -10:00
.rustfmt.toml
rust: add .rustfmt.toml
2022-09-28 09:02:20 +02:00
COPYING
COPYING: state that all contributions really are covered by this file
2020-02-10 13:32:20 -08:00
CREDITS
USB: Remove Wireless USB and UWB documentation
2023-08-09 14:17:32 +02:00
Kbuild
Kbuild updates for v6.1
2022-10-10 12:00:45 -07:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
Char/Misc driver fixes for 6.6-final
2023-10-28 07:51:27 -10:00
Makefile
Linux 6.6.1
2023-11-08 11:56:25 +01:00
README
Drop all 00-INDEX files from Documentation/
2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%