strscpy: zero any trailing garbage bytes in the destination

It's possible that the destination can be shadowed in userspace (as, for example, the perf buffers are now). So we should take care not to leak data that could be inspected by userspace. Signed-off-by: N Chris Metcalf <cmetcalf@ezchip.com>

strscpy: zero any trailing garbage bytes in the destination
It's possible that the destination can be shadowed in userspace (as, for example, the perf buffers are now). So we should take care not to leak data that could be inspected by userspace. Signed-off-by: N Chris Metcalf <cmetcalf@ezchip.com>
990486c8 · Chris Metcalf · c753bf34 · 990486c8
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

lib/string.c lib/string.c +2 -1

未找到文件。
--- a/lib/string.c
+++ b/lib/string.c
@@ -203,12 +203,13 @@ ssize_t strscpy(char *dest, const char *src, size_t count)
 		unsigned long c, data;

 		c = *(unsigned long *)(src+res);
-		*(unsigned long *)(dest+res) = c;
 		if (has_zero(c, &data, &constants)) {
 			data = prep_zero_mask(c, data, &constants);
 			data = create_zero_mask(data);
+			*(unsigned long *)(dest+res) = c & zero_bytemask(data);
 			return res + find_zero(data);
 		}
+		*(unsigned long *)(dest+res) = c;
 		res += sizeof(unsigned long);
 		count -= sizeof(unsigned long);
 		max -= sizeof(unsigned long);