From nobody Wed Jan 7 03:46:03 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F36DCE784AC for ; Mon, 2 Oct 2023 12:49:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237205AbjJBMtW (ORCPT ); Mon, 2 Oct 2023 08:49:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237153AbjJBMtM (ORCPT ); Mon, 2 Oct 2023 08:49:12 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 711CDB3; Mon, 2 Oct 2023 05:49:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1696250949; x=1727786949; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WVE+cTWn35UO5vLvQsvUZfoDsGX8itnFJxRzd+LwsvA=; b=Xmulf2XW7dVrjf4oBXscwH2F10wFXYMP66EgBp9EZB4insMga2WRbd/v 5SGX4wqFRg507s8GzsewT6uwbYBNtjxYi2HDRkcZV8S7aIMznZvw3Qg55 uDKU0U3bbBdVTFEeTw4zJFGGiBULG49nLKA2QyOnhxXGP9NkYzegkSZI1 GKpQxoSHOBm6Nl/AuWoZkA0yah8B44tFFPR2jFWjUjVhSdAHpQna6ENvp H+Drut1fx8P6KhIvbtUWhqHLTml+gM1CMjYT2CmSOLPenuIoJCAiwHK2q nZ0Y7yYZdgkEu/Ijq0oiFSGT6gMAVEZM/7TAlqo7jlDx8W3xvp8rDJtjY Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10851"; a="381517989" X-IronPort-AV: E=Sophos;i="6.03,194,1694761200"; d="scan'208";a="381517989" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Oct 2023 05:49:05 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10851"; a="894127813" X-IronPort-AV: E=Sophos;i="6.03,194,1694761200"; d="scan'208";a="894127813" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga001.fm.intel.com with ESMTP; 02 Oct 2023 05:47:42 -0700 Received: by black.fi.intel.com (Postfix, from userid 1003) id 098B914B3; Mon, 2 Oct 2023 15:49:02 +0300 (EEST) From: Andy Shevchenko To: Andy Shevchenko , linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Luis Chamberlain , Kees Cook , Greg Kroah-Hartman Subject: [PATCH v2 2/5] params: Do not go over the limit when getting the string length Date: Mon, 2 Oct 2023 15:48:53 +0300 Message-Id: <20231002124856.2455696-3-andriy.shevchenko@linux.intel.com> X-Mailer: git-send-email 2.40.0.1.gaa8946217a0b In-Reply-To: <20231002124856.2455696-1-andriy.shevchenko@linux.intel.com> References: <20231002124856.2455696-1-andriy.shevchenko@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" We can use strnlen() even on early stages and it prevents from going over the string boundaries in case it's already too long. Signed-off-by: Andy Shevchenko --- kernel/params.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/kernel/params.c b/kernel/params.c index 626fa8265932..f8e3c4139854 100644 --- a/kernel/params.c +++ b/kernel/params.c @@ -260,7 +260,10 @@ EXPORT_SYMBOL_GPL(param_set_uint_minmax); =20 int param_set_charp(const char *val, const struct kernel_param *kp) { - if (strlen(val) > 1024) { + size_t len, maxlen =3D 1024; + + len =3D strnlen(val, maxlen + 1); + if (len =3D=3D maxlen + 1) { pr_err("%s: string parameter too long\n", kp->name); return -ENOSPC; } @@ -270,7 +273,7 @@ int param_set_charp(const char *val, const struct kerne= l_param *kp) /* This is a hack. We can't kmalloc in early boot, and we * don't need to; this mangled commandline is preserved. */ if (slab_is_available()) { - *(char **)kp->arg =3D kmalloc_parameter(strlen(val)+1); + *(char **)kp->arg =3D kmalloc_parameter(len + 1); if (!*(char **)kp->arg) return -ENOMEM; strcpy(*(char **)kp->arg, val); @@ -508,7 +511,7 @@ int param_set_copystring(const char *val, const struct = kernel_param *kp) { const struct kparam_string *kps =3D kp->str; =20 - if (strlen(val)+1 > kps->maxlen) { + if (strnlen(val, kps->maxlen) =3D=3D kps->maxlen) { pr_err("%s: string doesn't fit in %u chars.\n", kp->name, kps->maxlen-1); return -ENOSPC; --=20 2.40.0.1.gaa8946217a0b