On 2025-04-04 08:28, Devaansh Kumar wrote:
On Fri, 4 Apr 2025 at 01:05, Steven Rostedt <[email protected]> wrote:
On Fri, 4 Apr 2025 00:43:40 +0530
Devaansh Kumar <[email protected]> wrote:
@@ -537,14 +538,16 @@ stack_trace_sysctl(struct ctl_table *table, int write,
void *buffer,
return ret;
}
-static char stack_trace_filter_buf[COMMAND_LINE_SIZE+1] __initdata;
+static char stack_trace_filter_buf[COMMAND_LINE_SIZE+1] __initdata __nonstring;
static __init int enable_stacktrace(char *str)
{
int len;
- if ((len = str_has_prefix(str, "_filter=")))
- strncpy(stack_trace_filter_buf, str + len, COMMAND_LINE_SIZE);
+ len = str_has_prefix(str, "_filter=");
+
+ if (len)
+ memcpy(stack_trace_filter_buf, str + len,
sizeof(stack_trace_filter_buf));
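
Review bot: the memcpy() in enable_stacktrace() always reads sizeof(stack_trace_filter_buf) bytes (COMMAND_LINE_SIZE+1) from str + len, whatever the length of the string str points to, so a short "_filter=" argument is read past its terminating NUL; the strncpy() it replaces stopped reading at the NUL. The copy length also grows from COMMAND_LINE_SIZE to the full buffer size, so the last byte of the static buffer is no longer left zero as a terminator, and __nonstring is added with no visible change to how the buffer is consumed. Suggest strscpy(stack_trace_filter_buf, str + len, sizeof(stack_trace_filter_buf)) and dropping the __nonstring annotation, which bounds both the read and the write and keeps the buffer NUL-terminated.
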
Hmm, this location looks like it can just use strscpy().

Yes strscpy() also works. But since stack_trace_filter_buf is length
bounded, shouldn't memcpy be the right choice?

It's not only about the destination, but also about the source length.
AFAIU, turning a strncpy into a memcpy here will overflow reading the
input @str if the input string is smaller than
sizeof(stack_trace_filter_buf) + len.
This can trigger page faults or make KASAN unhappy.

Thanks,
Mathieu
--
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com
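
The source-length point discussed in this thread, as an added userspace example (not code from the patch or from the kernel): bounded_copy() is a hypothetical helper sketching strscpy()-style semantics, and memcpy_overread() counts how many bytes a fixed-size memcpy() would read beyond the source string. BUF_SIZE and the sample argument are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16	/* constructed stand-in for COMMAND_LINE_SIZE + 1 */

/*
 * Hypothetical helper sketching strscpy()-style semantics (not the kernel
 * implementation): never reads src past its NUL, never writes more than
 * size bytes, always NUL-terminates. Returns the copied length, or -1 on
 * truncation (the kernel's strscpy() returns -E2BIG there).
 */
static long bounded_copy(char *dst, const char *src, size_t size)
{
	size_t i;

	if (size == 0)
		return -1;
	for (i = 0; i < size - 1 && src[i] != '\0'; i++)
		dst[i] = src[i];
	dst[i] = '\0';
	/* src[i] is still inside the string: no NUL was seen before index i */
	return src[i] == '\0' ? (long)i : -1;
}

/* Bytes a fixed-size memcpy(dst, src, size) reads beyond src's terminator. */
static size_t memcpy_overread(const char *src, size_t size)
{
	size_t avail = strlen(src) + 1;	/* bytes that belong to the string */

	return size > avail ? size - avail : 0;
}

int main(void)
{
	const char *arg = "_filter=foo";	/* constructed boot argument */
	const char *val = arg + strlen("_filter=");
	char buf[BUF_SIZE];
	long n = bounded_copy(buf, val, sizeof(buf));

	printf("bounded copy: %ld bytes, \"%s\"\n", n, buf);
	printf("memcpy of %zu bytes reads %zu bytes past the NUL\n",
	       sizeof(buf), memcpy_overread(val, sizeof(buf)));
	return 0;
}
```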