strscpy: zero any trailing garbage bytes in the destination
It's possible that the destination can be shadowed in userspace (as, for example, the perf buffers are now). So we should take care not to leak data that could be inspected by userspace. Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
This commit is contained in:
parent
c753bf34c9
commit
990486c8af
|
@ -203,12 +203,13 @@ ssize_t strscpy(char *dest, const char *src, size_t count)
|
||||||
unsigned long c, data;
|
unsigned long c, data;
|
||||||
|
|
||||||
c = *(unsigned long *)(src+res);
|
c = *(unsigned long *)(src+res);
|
||||||
*(unsigned long *)(dest+res) = c;
|
|
||||||
if (has_zero(c, &data, &constants)) {
|
if (has_zero(c, &data, &constants)) {
|
||||||
data = prep_zero_mask(c, data, &constants);
|
data = prep_zero_mask(c, data, &constants);
|
||||||
data = create_zero_mask(data);
|
data = create_zero_mask(data);
|
||||||
|
*(unsigned long *)(dest+res) = c & zero_bytemask(data);
|
||||||
return res + find_zero(data);
|
return res + find_zero(data);
|
||||||
}
|
}
|
||||||
|
*(unsigned long *)(dest+res) = c;
|
||||||
res += sizeof(unsigned long);
|
res += sizeof(unsigned long);
|
||||||
count -= sizeof(unsigned long);
|
count -= sizeof(unsigned long);
|
||||||
max -= sizeof(unsigned long);
|
max -= sizeof(unsigned long);
|
||||||
|
|
Loading…
Reference in New Issue