Xen project Mailing List

[Xen-changelog] [xen-unstable] safe_str*() functions check their destination argument is a

From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Thu, 01 Feb 2007 13:35:08 -0800

Delivery-date: Thu, 01 Feb 2007 13:35:17 -0800

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User kfraser@xxxxxxxxxxxxxxxxxxxxx # Date 1170337475 0 # Node ID f45de0fe8a15cd6f335f378e3038b84fa3c7050d # Parent 6e81102d29be5c688c0e77c9ef3303c677264e91 safe_str*() functions check their destination argument is a character-array type. Fix two bad callers. Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx> --- xen/arch/x86/dmi_scan.c | 2 +- xen/common/kexec.c | 2 +- xen/include/xen/string.h | 12 ++++++++++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff -r 6e81102d29be -r f45de0fe8a15 xen/arch/x86/dmi_scan.c --- a/xen/arch/x86/dmi_scan.c Thu Feb 01 13:15:03 2007 +0000 +++ b/xen/arch/x86/dmi_scan.c Thu Feb 01 13:44:35 2007 +0000 @@ -159,7 +159,7 @@ static void __init dmi_save_ident(struct return; dmi_ident[slot] = alloc_bootmem(strlen(p)+1); if(dmi_ident[slot]) - safe_strcpy(dmi_ident[slot], p); + strlcpy(dmi_ident[slot], p, strlen(p)+1); else printk(KERN_ERR "dmi_save_ident: out of memory.\n"); } diff -r 6e81102d29be -r f45de0fe8a15 xen/common/kexec.c --- a/xen/common/kexec.c Thu Feb 01 13:15:03 2007 +0000 +++ b/xen/common/kexec.c Thu Feb 01 13:44:35 2007 +0000 @@ -131,7 +131,7 @@ __initcall(register_crashdump_trigger); static void setup_note(Elf_Note *n, const char *name, int type, int descsz) { - safe_strcpy(ELFNOTE_NAME(n), name); + strlcpy(ELFNOTE_NAME(n), name, INT_MAX); n->namesz = strlen(name); n->descsz = descsz; n->type = type; diff -r 6e81102d29be -r f45de0fe8a15 xen/include/xen/string.h --- a/xen/include/xen/string.h Thu Feb 01 13:15:03 2007 +0000 +++ b/xen/include/xen/string.h Thu Feb 01 13:44:35 2007 +0000 @@ -82,8 +82,16 @@ extern void * memchr(const void *,int,__ } #endif +#define is_char_array(x) __builtin_types_compatible_p(typeof(x), char[]) + /* safe_xxx always NUL-terminates and returns !=0 if result is truncated. */ -#define safe_strcpy(d, s) (strlcpy(d, s, sizeof(d)) >= sizeof(d)) -#define safe_strcat(d, s) (strlcat(d, s, sizeof(d)) >= sizeof(d)) +#define safe_strcpy(d, s) ({ \ + BUILD_BUG_ON(!is_char_array(d)); \ + (strlcpy(d, s, sizeof(d)) >= sizeof(d)); \ +}) +#define safe_strcat(d, s) ({ \ + BUILD_BUG_ON(!is_char_array(d)); \ + (strlcat(d, s, sizeof(d)) >= sizeof(d)); \ +}) #endif /* _LINUX_STRING_H_ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.