Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-10 06:01:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

lib/string_helpers: rework overflow-dependent code

Browse Source 
When @size is 0, the desired behavior is to allow unlimited bytes to be
parsed. Currently, this relies on some intentional arithmetic overflow
where --size gives us SIZE_MAX when size is 0.

Explicitly spell out the desired behavior without relying on intentional
overflow/underflow.

Signed-off-by: Justin Stitt <justinstitt@google.com>
Link: https://lore.kernel.org/r/20240808-b4-string_helpers_caa133-v1-1-686a455167c4@google.com
Signed-off-by: Kees Cook <kees@kernel.org>
This commit is contained in:
Justin Stitt 2024-08-08 14:43:56 -07:00 committed by Kees Cook
parent 0336f89888
commit bbf3c7ff9d
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/string_helpers.c
View File

@ -321,6 +321,9 @@ int string_unescape(char *src, char *dst, size_t size, unsigned int flags)
{
char *out = dst;
if (!size)
size = SIZE_MAX;
while (*src && --size) {
if (src[0] == '\\' && src[1] != '\0' && size > 1) {
src++;