gcc-plugins/stackleak: Exactly match strings instead of prefixes

stable inclusion from stable-v5.10.110 commit 9d1d8e5e42941d3a51f7cde3bee93c2b47838aaa bugzilla: https://gitee.com/openeuler/kernel/issues/I574AL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9d1d8e5e42941d3a51f7cde3bee93c2b47838aaa -------------------------------- [ Upstream commit 27e9faf4 ] Since STRING_CST may not be NUL terminated, strncmp() was used for check for equality. However, this may lead to mismatches for longer section names where the start matches the tested-for string. Test for exact equality by checking for the presences of NUL termination. Cc: Alexander Popov <alex.popov@linux.com> Signed-off-by: N Kees Cook <keescook@chromium.org> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Yu Liao <liaoyu15@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com>

gcc-plugins/stackleak: Exactly match strings instead of prefixes
stable inclusion from stable-v5.10.110 commit 9d1d8e5e42941d3a51f7cde3bee93c2b47838aaa bugzilla: https://gitee.com/openeuler/kernel/issues/I574AL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9d1d8e5e42941d3a51f7cde3bee93c2b47838aaa -------------------------------- [ Upstream commit 27e9faf4 ] Since STRING_CST may not be NUL terminated, strncmp() was used for check for equality. However, this may lead to mismatches for longer section names where the start matches the tested-for string. Test for exact equality by checking for the presences of NUL termination. Cc: Alexander Popov <alex.popov@linux.com> Signed-off-by: N Kees Cook <keescook@chromium.org> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Yu Liao <liaoyu15@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com>
413c0dd1 · Kees Cook · Zheng Zengkai · fc870f93 · 413c0dd1
显示空白变更内容
内联并排

Showing with 21 addition and 4 deletion

scripts/gcc-plugins/stackleak_plugin.c scripts/gcc-plugins/stackleak_plugin.c +21 -4

未找到文件。
--- a/scripts/gcc-plugins/stackleak_plugin.c
+++ b/scripts/gcc-plugins/stackleak_plugin.c
@@ -431,6 +431,23 @@ static unsigned int stackleak_cleanup_execute(void)
 	return 0;
 }
+/*
+ * STRING_CST may or may not be NUL terminated:
+ * https://gcc.gnu.org/onlinedocs/gccint/Constant-expressions.html
+ */
+static inline bool string_equal(tree node, const char *string, int length)
+{
+	if (TREE_STRING_LENGTH(node) < length)
+		return false;
+	if (TREE_STRING_LENGTH(node) > length + 1)
+		return false;
+	if (TREE_STRING_LENGTH(node) == length + 1 &&
+	    TREE_STRING_POINTER(node)[length] != '\0')
+		return false;
+	return !memcmp(TREE_STRING_POINTER(node), string, length);
+}
+#define STRING_EQUAL(node, str)	string_equal(node, str, strlen(str))
 static bool stackleak_gate(void)
 {
 	tree section;
@@ -440,13 +457,13 @@ static bool stackleak_gate(void)
 	if (section && TREE_VALUE(section)) {
 		section = TREE_VALUE(TREE_VALUE(section));
-		if (!strncmp(TREE_STRING_POINTER(section), ".init.text", 10))
+		if (STRING_EQUAL(section, ".init.text"))
 			return false;
-		if (!strncmp(TREE_STRING_POINTER(section), ".devinit.text", 13))
+		if (STRING_EQUAL(section, ".devinit.text"))
 			return false;
-		if (!strncmp(TREE_STRING_POINTER(section), ".cpuinit.text", 13))
+		if (STRING_EQUAL(section, ".cpuinit.text"))
 			return false;
-		if (!strncmp(TREE_STRING_POINTER(section), ".meminit.text", 13))
+		if (STRING_EQUAL(section, ".meminit.text"))
 			return false;
 	}