kernel development process
I am posting this to kernelnewbies because I do not know the correct
way to broach the issue elsewhere.
Code audit in drivers/staging on calls to strncpy().
Tree: gregKH/staging
commit d5adbfcd5f7bcc6fa58a41c5c5ada0e5c826ce2c
File: drivers/staging/rtl8192u/ieee80211/ieee80211_softmac_wx.c
Function: int ieee80211_wx_set_essid(struct ieee80211_device *ieee,
struct iw_request_info *a,
union iwreq_data *wrqu, char *extra)
Lines: 415 - 429
spin_lock_irqsave(&ieee->lock, flags);
if (wrqu->essid.flags && wrqu->essid.length) {
/* first flush current network.ssid */
len = ((wrqu->essid.length-1) < IW_ESSID_MAX_SIZE) ?
(wrqu->essid.length-1) : IW_ESSID_MAX_SIZE;
strncpy(ieee->current_network.ssid, extra, len+1);
ieee->current_network.ssid_len = len+1;
ieee->ssid_set = 1;
} else {
ieee->ssid_set = 0;
ieee->current_network.ssid[0] = '\0';
ieee->current_network.ssid_len = 0;
}
spin_unlock_irqrestore(&ieee->lock, flags);
Control can reach this snippet in two states:
1. wrqu->essid.length *can* be larger than IW_ESSID_MAX_SIZE
2. wrqu->essid.length *can not* be larger than IW_ESSID_MAX_SIZE (likely)
If wrqu->essid.length *can* be larger than IW_ESSID_MAX_SIZE:
- For the case when wrqu->essid.length > IW_ESSID_MAX_SIZE code sets
len to IW_ESSID_MAX_SIZE. If then, source string for call to strncpy()
(extra) is >= len+1 (IW_ESSID_MAX_SIZE+1) this results in a
non null terminated buffer.
If wrqu->essid.length *can not* be larger than IW_ESSID_MAX_SIZE:
- Setting of 'len' is overly complicated
- The code could be simplified by getting rid of the +1's and -1's
- The string would be null terminated without additional code (in line
with usage throughout the file).
There may not be an issue here, the code may be correct. It seems
overly complicated to prove that there is not an off by one error or a
buffer overflow vulnerability. The code does not seem to conform to
the rest of the file.
*If* there is a problem adding a null terminating byte would solve it
for both possible states.
Comments/questions
--
1. How would a more experienced kernel developer approach an issue
like this? With an initial patch and the discussion in a cover letter?
2. General kernel question:
Using compiler constants to define buffer storage in two differing
manners (i.e constant includes space for null byte vs constant does not
include space for null byte) especially when done using the *same*
constant seems to be asking for trouble.
I'm sure this has been discussed before at length, is there a
consensus on this? Is there a per subsystem consensus?
thanks,
Tobin.
___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
recovery from fail
I have made and epic fail and am asking for advice on how to proceed to cause the least amount of upset. I submitted a simple patch series to LKML. A reviewer made a suggestion. I submitted v2 - without building it :( kbuild test robot picked up that it doesn't compile. The problem is that I now cannot get the second patch of the series to compile. What is the correct protocol to follow? I don't want to make any more noise than I already have but I also don't want to ignore the reviewer by not implementing the suggested changes. Is it rude to reply to the original review email for further discussion having already botched the patch? Thanks in advance, Tobin. ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
Re: git send-email
As the behaviour I am questioning has displayed itself with the original message, this must not have anything to do with `git send-email` but rather must be a mutt thing. Any ideas most appreciated but I realize now this is probably not the correct place to ask. Thanks for your time anyways, apologies for the noise. thanks, Tobin. ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
git send-email
When using git send-email all emails originating with myself have the word 'To' in the recipient field (in both mutt and web based email client). Single line as view in mutt; 8 F Feb 09 To David S. Mil (3.5K) ├─>[PATCH 4/4] net: Fix check git send-email command used ; $ git send-email \ --to="David S. Miller " \ --cc="net...@vger.kernel.org, linuk-ker...@vger.kernel.org" \ --cover-letter *.patch Am I using git incorrectly? $ cat ~/.gitconfig ... [sendemail] from = Tobin C. Harding smtpuser = * smtppass = * smtpserver = mail.messagingengine.com smtpencryption = tls smtpserverport = 587 confirm = auto ... thanks, Tobin. ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
Re: list etiquette
On Tue, Jun 07, 2016 at 12:03:57PM -0400, Frank Ch. Eigler wrote: > > m...@tobin.cc wrote: > > > LKML list etiquette question. When asking a [simple] question that > > receives an suitable answer is it correct etiquette to reply with a > > thank you email or is this just adding noise to the list? > > (Probably obvious, but you can always reply with a "thank you", > sent directly to the people who answered rather than to the list.) I had got the vibe that it was unacceptable to mail people directly and not cc the list. Is this response correct that there are times it is acceptable to exclude the list. GregKH has had to nudge me twice for doing this so I am very hesitant to write any emails that are not in the clear (cc'ing a list). Tobin ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
list etiquette
LKML list etiquette question. When asking a [simple] question that receives an suitable answer is it correct etiquette to reply with a thank you email or is this just adding noise to the list? thanks, Tobin. ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
git send-email
Workflow - $ git format-patch -s -1 add patch comment then $ git send-email Question please - Who should the email be sent to without having a 'To' address repeated in the CC field generated by `git send-email`. To rephrase the question: git send-email CC's everyone who may be interested according to get_maintainers.pl. Will I annoy people if I address them in the To field as well as the CC field. Thank you in advance for your time, Tobin Harding. ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
Re: pr_debug
On Tue, May 10, 2016 at 09:33:46AM +0200, Greg KH wrote: > Please read Documentation/dynamic-debug-howto.txt thanks Greg, your are a gentleman. tobin ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
pr_debug
pr_debug messages do not appear in dmesg output (or via cat /proc/kmsg). I have set console level to 8 (cat /proc/sys/kernel/printk -> 8 1 4 8). Any suggestions please? -- thanks, Tobin. ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
Re: mkinitcpio
Issue resolved thank you. I forgot to CC the list. Thanks also to Pablo G. Gallardo. Regards, Tobin Harding. signature.asc Description: PGP signature ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
mkinitcpio
Hi, I have a kernel build question please. After build and install of new kernel and modules mkinitcpio gives the following warning ==> WARNING: No modules were added to the image. This is probably not what you want. Web search did not turn up anything. Complete command and output is: # mkinitcpio -g initramfs-custom.img -k 4.5.0-eudyptula+ ==> Starting build: 4.5.0-eudyptula+ -> Running build hook: [base] -> Running build hook: [udev] -> Running build hook: [autodetect] -> Running build hook: [modconf] -> Running build hook: [block] -> Running build hook: [filesystems] -> Running build hook: [keyboard] -> Running build hook: [fsck] ==> WARNING: No modules were added to the image. This is probably not what you want. ==> Creating gzip-compressed initcpio image: /boot/initramfs-custom.img ==> Image generation successful # Any pointers much appreciated, thank you. Tobin signature.asc Description: PGP signature ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
