diff options
| author | Kees Cook <[email protected]> | 2024-11-30 04:06:55 +0000 |
|---|---|---|
| committer | Kees Cook <[email protected]> | 2024-12-17 00:53:00 +0000 |
| commit | 3a3f61ce5e0b4bcf730acc09c1af91012d241f85 (patch) | |
| tree | fb789240fafc051aeb40f066152bcae0adf2cc14 /arch/powerpc/lib/code-patching.c | |
| parent | exec: remove legacy custom binfmt modules autoloading (diff) | |
| download | kernel-3a3f61ce5e0b4bcf730acc09c1af91012d241f85.tar.gz kernel-3a3f61ce5e0b4bcf730acc09c1af91012d241f85.zip | |
exec: Make sure task->comm is always NUL-terminated
Using strscpy() meant that the final character in task->comm may be
non-NUL for a moment before the "string too long" truncation happens.
Instead of adding a new use of the ambiguous strncpy(), we'd want to
use memtostr_pad() which enforces being able to check at compile time
that sizes are sensible, but this requires being able to see string
buffer lengths. Instead of trying to inline __set_task_comm() (which
needs to call trace and perf functions), just open-code it. But to
make sure we're always safe, add compile-time checking like we already
do for get_task_comm().
Suggested-by: Linus Torvalds <[email protected]>
Suggested-by: "Eric W. Biederman" <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
Diffstat (limited to 'arch/powerpc/lib/code-patching.c')
0 files changed, 0 insertions, 0 deletions