On Tue, Sep 12, 2023 at 01:12:35PM -0700, Justin Stitt wrote: > On Tue, Sep 12, 2023 at 12:36 AM Geert Uytterhoeven > <[email protected]> wrote: > > > > Hi Justin, > > > > Thanks for your patch! > > > > On Mon, Sep 11, 2023 at 7:53 PM Justin Stitt <[email protected]> wrote: > > > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > > > > > `gate_buf` should always be NUL-terminated and does not require > > > NUL-padding. It is used as a string arg inside an argv array given to > > > > Can you please explain why it does not require NUL-padding? > > It looks like this buffer is passed eventually to a user space > > application, thus possibly leaking uninitialized stack data. > > It looks like it's being passed as a list of command-line arguments in > `run_helper()`. Should this be NUL-padded due to its eventual use in > user space? If we think yes I can send a v2. Thanks for pointing this > out.
No, it's passed as a pointer to a string, and the clone call will ultimately make a copy-until-%NUL when building the new process. This doesn't need padding. Reviewed-by: Kees Cook <[email protected]> -Kees -- Kees Cook
