From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on2044.outbound.protection.outlook.com [40.107.14.44]) by sourceware.org (Postfix) with ESMTPS id 6D9763858284 for ; Fri, 24 Feb 2023 12:44:04 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 6D9763858284 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=arm.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QavqTyDBp8R2qe9WLuy6vnnJt/FW88DHSHZJ+Czne+Q=; b=gPMPv8f+4dc+AeKA1hLviO1M8ngw6ZeNAZsFxJTlNnKnnGhHTrmYwKTU/1H8W1yZEbuIK1IPx6BmNZzdzu0c1geNX+JQPCFmWiczskxHSKabzhsYvATk7WG27P2DtZNTnYt7xt5WGuzIW4SrsZJtQ5dVJ5T/xOfe7iC9RqNJSOg= Received: from DB8PR09CA0015.eurprd09.prod.outlook.com (2603:10a6:10:a0::28) by AS2PR08MB10154.eurprd08.prod.outlook.com (2603:10a6:20b:62e::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.19; Fri, 24 Feb 2023 12:44:02 +0000 Received: from DBAEUR03FT019.eop-EUR03.prod.protection.outlook.com (2603:10a6:10:a0:cafe::f5) by DB8PR09CA0015.outlook.office365.com (2603:10a6:10:a0::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.24 via Frontend Transport; Fri, 24 Feb 2023 12:44:01 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DBAEUR03FT019.mail.protection.outlook.com (100.127.142.129) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6156.11 via Frontend Transport; Fri, 24 Feb 2023 12:44:01 +0000 Received: ("Tessian outbound 6e565e48ed4a:v132"); Fri, 24 Feb 2023 12:44:01 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 2fee319c5fc784c6 X-CR-MTA-TID: 64aa7808 Received: from fcad14f716ab.2 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 0BF0E97C-C9A0-4BAD-A066-F5062A6C255C.1; Fri, 24 Feb 2023 12:43:55 +0000 Received: from EUR05-AM6-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id fcad14f716ab.2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Fri, 24 Feb 2023 12:43:54 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G7VaQ/Li/uu/4yG6UXJ1v9mhHqobRG+QTKh3CN64poLSUYSH5O68v2XQXqQ12SMtQsEZetdu+mncjkdWb4TBuIPD4ntLOeCKb5nuK+QtA2JilZOwGizX7PIIYBBOsUNCy2dfetr15ZU44Cu9gO2RJvFzgqBoldo3HzLlVWvFsvdFzTL1CP4/RG/M/5CHXJ8ACRmzkHC8w7hlzbBxgUql81e5PegrqvGQP6AUSnR8++6o9ZgNEk6LWQsYvLlnhk7idQVZJvK/wSkPxNZx/U56yY21iQk0pgOQIbbJ5cLkiXR4mhKBcQS4Kqok3nNB6+G9Th9I5vQw8QY44c6wAwXlgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=QavqTyDBp8R2qe9WLuy6vnnJt/FW88DHSHZJ+Czne+Q=; b=NeSFQWSXIDFROlujuKyF+dfmWBScq2uqaNd/uaOdyjTc0U5pcwy31jKJH/Bkuvy1/CJgLJtu4eX0FIb2GxdImHbyhr/kdUCbWCwfg+J5ZR07ayHwxNqy14fAkLzXQXyvqXkje57RXRPlfVt5+3glPZ6hVoAgxHefGgs/gmf18nzQ8KtOG/3vpgYAWLY47DaLTc096ZIvlgsgy9x6rP9faoaW9yzZo/Y4Vu3QMLQMWtMgt6aqC4SpldWVsFICXREuSplI+VhdRprxsxfPddK3QYRFduf7VuIEiHQQmzFrDBJqpJie9IXx5XaYlSxdojZWHeG1+m8fbzx6Dx3YDuK9sA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QavqTyDBp8R2qe9WLuy6vnnJt/FW88DHSHZJ+Czne+Q=; b=gPMPv8f+4dc+AeKA1hLviO1M8ngw6ZeNAZsFxJTlNnKnnGhHTrmYwKTU/1H8W1yZEbuIK1IPx6BmNZzdzu0c1geNX+JQPCFmWiczskxHSKabzhsYvATk7WG27P2DtZNTnYt7xt5WGuzIW4SrsZJtQ5dVJ5T/xOfe7iC9RqNJSOg= Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; Received: from DB9PR08MB7179.eurprd08.prod.outlook.com (2603:10a6:10:2cc::19) by DB9PR08MB9923.eurprd08.prod.outlook.com (2603:10a6:10:3d1::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.24; Fri, 24 Feb 2023 12:43:51 +0000 Received: from DB9PR08MB7179.eurprd08.prod.outlook.com ([fe80::e3d1:5a4:db0c:43cc]) by DB9PR08MB7179.eurprd08.prod.outlook.com ([fe80::e3d1:5a4:db0c:43cc%7]) with mapi id 15.20.6134.024; Fri, 24 Feb 2023 12:43:51 +0000 Date: Fri, 24 Feb 2023 12:43:32 +0000 From: Szabolcs Nagy To: Wilco Dijkstra Cc: Florian Weimer , Adhemerval Zanella , 'GNU C Library' Subject: Re: [PATCH v2] string: Fix OOB read on generic strncmp Message-ID: References: Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-ClientProxiedBy: SN7PR04CA0084.namprd04.prod.outlook.com (2603:10b6:806:121::29) To DB9PR08MB7179.eurprd08.prod.outlook.com (2603:10a6:10:2cc::19) MIME-Version: 1.0 X-MS-TrafficTypeDiagnostic: DB9PR08MB7179:EE_|DB9PR08MB9923:EE_|DBAEUR03FT019:EE_|AS2PR08MB10154:EE_ X-MS-Office365-Filtering-Correlation-Id: a503a280-7d2d-4911-4c76-08db1664ce63 x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: SyHScP/sHueJ3LaWRGnUBbS+RAngPw3OLN8bQO942b+kgReQRSJaCoGr2YNmg4ijf9iKeEYRPF3BJu+Gu4j+RRK0GoI98eDcsS+nGPVeHwCFBvJ2zDoWh2AuVxneJC3PEztDdWEV6BjupvVw/nl+NvRerMe/O10ixcxdAOKcFojIGPPeeXMFMxM8L5ydjjZUhrFTeyB4koeymFiDK/lOdKSp8Eh0gyVGEuqJyndKw6a+xXMu33sTOdguKSadXgzudK8TAcKLusBKbrsS37m2pVX2NhZIWxjeljV4WZzbKQ94g5QdE/57AZiLR6Cq8/1ILcFyHXaWqkVg6lnrq0baD5sMlT/5jidNeUBIpP8e0PONDctpDX6yzqEqklIzG2F3wEdrW9vdbmbu6etAbkm80NEW0Wq5sqUzSFtTiCHXzjxxbrfnvQPhrC02mCeA1wzdDXIDAx7Kp9a9zumGJxbLkRSchM41kqQOPIod/pMBnMoHPMqBAJme76XAEJ0dzvROEBZMum9v1KZG0JVdhOF1fSF3KeX38Ovf/nbjFkHFOkMuKf/Jc5+yBHmSLgspM9yZhn9QwtJ6t3JukJ9oNWClkISRM3CWuQrmEQOCb3ipqylSOQPij1uCNcGS7IT6YEpwwI3jGOtrN+PgfBX2Ezhtwx6MKV2wjsWwPXDAW7CcQnptz90vZxm16TN9e9RHHegrowS+Z6vqHT2AOiS5Ab/sWif8qk9T0Q/beLeoErr4Ut6xeCusMH/jlrI2P/27YmDCo80nX2GNg3Kmrs4X8m0B2Q== X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB9PR08MB7179.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(136003)(39860400002)(396003)(346002)(376002)(366004)(451199018)(26005)(2616005)(6486002)(186003)(478600001)(966005)(6666004)(4326008)(8676002)(66556008)(66476007)(6636002)(54906003)(66946007)(6506007)(6512007)(37006003)(316002)(41300700001)(8936002)(6862004)(5660300002)(2906002)(38100700002)(36756003)(86362001)(41533002)(17423001)(156123004);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR08MB9923 Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: DBAEUR03FT019.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: d8194986-87f6-41c4-a6d9-08db1664c7ca X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: GQvVSajVspUCchwWADyImV67EboQVkWGZpBBaPwzyL0l5MuT/EWvrCskyqoZ33NhQpbFaz13gJ2NexOV4JXsMPKHD7hRl9jsNtIAhOjDajeOqDECbgrcn4+M0/gZgL3LKE3xTHEnvBOMm7HZCwBD5az8saCT6C4iX2Y0KsBaaXBlJxeIqp4Lt5Jda4gF2CDAtQab5wyo3NsILWDGNfNH97umfRt+pUBgcWgs1O2dTiu51NiogUja132TkgyCp4LzhVqYUBrzVXmdmgeqUP+lyZp+r4hY43Y1H1Nvr8TZai3zmr+W1Xs83ebBhrT+Rk1BAk33ND98VOwupNV3THKABfXQDjl106Yn7afPLFVVMF3hzLu0To/aN6BInF5V8x+uYNyviGyzSPRsWM8O7EZiGE8cwI0p6UJ5FfoT6copObAcEyha4lZFXtZNE6Bg6ENBUFbX8Fhggoid4vTHM7VE21aripAcVSQfmU0Pg9H43JMV7E40PrLffZyqJiR/NzYsMQallqq+rIUSfQ6Fzv1g33emlvoZH6Nb7/NNBXkEnFb6kFvld2L+M80rLpgPO5XCMKrykK0tjRWbsoKccU/Re+Jc1BNiXxrsZZ40MEU01IXF/lMt+TrRzZq/YmDhwoKcpPbYAI02WQv5Th8s+RdwpqGnfxvvsGcGTMsFxMeaH3tjgsqpjT1PIOASVrnRCNTJI1ylMJK/tec9oblWYhMOUsLP/iJu0JoS+zE9e/8rnliWuSd7EgLwDgPHY5EK7CNp3rQwfVzf2nUnzaKKaKEmaJXJITYEHpWINQ24OUbEnAX8LcdJfRpok2OQMuJL++Rz X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(13230025)(4636009)(376002)(396003)(346002)(136003)(39860400002)(451199018)(36840700001)(40470700004)(46966006)(40460700003)(86362001)(6862004)(5660300002)(82740400003)(8936002)(41300700001)(336012)(2906002)(966005)(2616005)(47076005)(37006003)(54906003)(6486002)(316002)(6506007)(70586007)(26005)(70206006)(356005)(8676002)(6666004)(6636002)(186003)(6512007)(478600001)(36756003)(82310400005)(40480700001)(36860700001)(81166007)(4326008)(41533002)(17423001)(156123004);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Feb 2023 12:44:01.8211 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a503a280-7d2d-4911-4c76-08db1664ce63 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: DBAEUR03FT019.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS2PR08MB10154 X-Spam-Status: No, score=-5.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,FORGED_SPF_HELO,KAM_DMARC_NONE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE,TXREP,UNPARSEABLE_RELAY autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: The 02/24/2023 12:24, Wilco Dijkstra wrote: > > It's common to use strncmp as a starts-with predicate, like this: > > > > strncmp (s, "prefix", 5) > > > > This requires that reading stops at the first null byte. C11 wording > > makes this kind of usage inadvisable because it treats the inputs as > > arrays, and this means that mean that implementations could read past > > the null byte. But that doesn't match current programming practice. > > C11 says you can't read past the end of the array, but it doesn't say that > you *must* read past a NUL-byte. My interpretation is that this is a valid > strncmp implementation: > > int > simple_strncmp (const char *s1, const char *s2, size_t size) > { > size_t len1 = strnlen (s1, size); > size_t len2 = strnlen (s2, size); > if (len1 < len2) > len1++; > else if (len1 > len2) > len1 = len2 + 1; > return memcmp (s1, s2, len1); > } > > Ie. both strings must be valid up until the given size or NUL-terminated if > smaller. This works on the example above even if the first string is only 1 byte. note that the crypt/badsalttest test case that started this discussion relies on strncmp stopping at the first mismatch byte, not just at null byte: https://sourceware.org/git/?p=glibc.git;a=blob;f=crypt/badsalttest.c;h=bc1e5c1442c731b597551919bec9174ecd2cce61;hb=HEAD#l60 https://sourceware.org/git/?p=glibc.git;a=blob;f=crypt/crypt-entry.c;h=c24c0110a66a0b6a8e885b5a3d0e942da46b1325;hb=HEAD#l84 i think it's reasonable to support stopping the read at null byte but allow reading past the first mismatch. (memcmp allows reading past mismatches too). i.e. the strncmp patch and testcase patch is not needed. then the question is if non-null-termnated input is valid as crypt salt argument (if not the test should be fixed, if yes, it should not use strncmp).