Commit c82f77a4 authored by Thorsten Blum's avatar Thorsten Blum Committed by Tyler Hicks
Browse files

ecryptfs: Replace strcpy with strscpy in ecryptfs_cipher_code_to_string 

strcpy() has been deprecated [1] because it performs no bounds checking
on the destination buffer, which can lead to buffer overflows. Since
the parameter 'char *str' is just a pointer with no size information,
extend the function with a 'size' parameter to pass the destination
buffer's size as an additional argument. Adjust the call sites
accordingly.

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy

 [1]
Signed-off-by: default avatarThorsten Blum <thorsten.blum@linux.dev>
Signed-off-by: default avatarTyler Hicks <code@tyhicks.com>
parent 3bdc6cac

fs/ecryptfs/crypto.c

+4 −2
Original line number Diff line number Diff line
@@ -862,11 +862,12 @@ u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes) 
/**

 * ecryptfs_cipher_code_to_string

 * @str: Destination to write out the cipher name

 * @size: Destination buffer size

 * @cipher_code: The code to convert to cipher name string

 *

 * Returns zero on success

 */

int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code)

int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code)

{

	int rc = 0;

	int i;
@@ -874,7 +875,8 @@ int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code) 
	str[0] = '\0';

	for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++)

		if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code)

			strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str);

			strscpy(str, ecryptfs_cipher_code_str_map[i].cipher_str,

				size);

	if (str[0] == '\0') {

		ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: "

				"[%d]\n", cipher_code);

fs/ecryptfs/ecryptfs_kernel.h

+1 −1
Original line number Diff line number Diff line
@@ -571,7 +571,7 @@ int ecryptfs_read_and_validate_header_region(struct inode *inode); 
int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry,

					    struct inode *inode);

u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes);

int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code);

int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code);

void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat);

int ecryptfs_generate_key_packet_set(char *dest_base,

				     struct ecryptfs_crypt_stat *crypt_stat,

fs/ecryptfs/keystore.c

+7 −2
Original line number Diff line number Diff line
@@ -911,7 +911,9 @@ ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, 
	s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0';

	(*packet_size) += ECRYPTFS_SIG_SIZE;

	s->cipher_code = data[(*packet_size)++];

	rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code);

	rc = ecryptfs_cipher_code_to_string(s->cipher_string,

					    sizeof(s->cipher_string),

					    s->cipher_code);

	if (rc) {

		printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n",

		       __func__, s->cipher_code);
@@ -1129,7 +1131,9 @@ decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 
	memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key,

	       auth_tok->session_key.decrypted_key_size);

	crypt_stat->key_size = auth_tok->session_key.decrypted_key_size;

	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code);

	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,

					    sizeof(crypt_stat->cipher),

					    cipher_code);

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n",

				cipher_code);
@@ -1395,6 +1399,7 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, 
		goto out_free;

	}

	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,

					    sizeof(crypt_stat->cipher),

					    (u16)data[(*packet_size)]);

	if (rc)

		goto out_free;