On Mon, Mar 28, 2016 at 4:30 PM, Joe Perches <[email protected]> wrote: > On Mon, 2016-03-28 at 14:14 -0700, Kees Cook wrote: >> Handle allocating and escaping a string safe for logging. > [] >> diff --git a/include/linux/string_helpers.h b/include/linux/string_helpers.h > [] >> @@ -68,4 +68,6 @@ static inline int string_escape_str_any_np(const char >> *src, char *dst, >> return string_escape_str(src, dst, sz, ESCAPE_ANY_NP, only); >> } >> >> +char *kstrdup_quotable(char *src); > > char *kstrdup_quotable(const char *src) > > but shouldn't this really take a gfp_t like all > the other kstr<string> functions?
Ah, good idea, yes. I'll add this. >> diff --git a/lib/string_helpers.c b/lib/string_helpers.c > [] >> +char *kstrdup_quotable(char *src) > [] >> + BUG_ON(string_escape_mem(src, slen, dst, dlen, flags, esc) != dlen); > > BUG_ON? why? I was thinking that if the string_escape_mem output length changes between calls, something has gone terribly wrong internally, and we should stop. But, since we're limited to dlen, it'll be a truncation at worst. I will change this to WARN_ON, which is what kasprintf does. Thanks! -Kees -- Kees Cook Chrome OS & Brillo Security
