cifs: remove coverity warning in calc_lanman_hash

Message ID 20181212015000.24205-1-lsahlber@redhat.com
State New
Headers show
Series
  • cifs: remove coverity warning in calc_lanman_hash
Related show

Commit Message

Ronnie Sahlberg Dec. 12, 2018, 1:50 a.m.
password_with_pad is a fixed size buffer of 16 bytes, it contains a
password string, to be padded with \0 if shorter than 16 bytes
but is just truncated if longer.
It is not, and we do not depend on it to be, nul terminated.

As such, do not use strncpy() to populate this buffer since
the str* prefix suggests that this is a string, which it is not,
and it also confuses coverity causing a false warning.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
 fs/cifs/cifsencrypt.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

Comments

Steve French Dec. 12, 2018, 6:09 a.m. | #1
merged into cifs-2.6.git for-next

Let me know if any objections

On Tue, Dec 11, 2018 at 7:50 PM Ronnie Sahlberg <lsahlber@redhat.com> wrote:
>
> password_with_pad is a fixed size buffer of 16 bytes, it contains a
> password string, to be padded with \0 if shorter than 16 bytes
> but is just truncated if longer.
> It is not, and we do not depend on it to be, nul terminated.
>
> As such, do not use strncpy() to populate this buffer since
> the str* prefix suggests that this is a string, which it is not,
> and it also confuses coverity causing a false warning.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> ---
>  fs/cifs/cifsencrypt.c | 11 ++++++++---
>  1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
> index ecdff344e8fe..d2a05e46d6f5 100644
> --- a/fs/cifs/cifsencrypt.c
> +++ b/fs/cifs/cifsencrypt.c
> @@ -304,12 +304,17 @@ int setup_ntlm_response(struct cifs_ses *ses, const struct nls_table *nls_cp)
>  int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
>                         char *lnm_session_key)
>  {
> -       int i;
> +       int i, len;
>         int rc;
>         char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
>
> -       if (password)
> -               strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
> +       if (password) {
> +               for (len = 0; len < CIFS_ENCPWD_SIZE; len++)
> +                       if (!password[len])
> +                               break;
> +
> +               memcpy(password_with_pad, password, len);
> +       }
>
>         if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
>                 memcpy(lnm_session_key, password_with_pad,
> --
> 2.13.6
>

Patch

diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index ecdff344e8fe..d2a05e46d6f5 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -304,12 +304,17 @@  int setup_ntlm_response(struct cifs_ses *ses, const struct nls_table *nls_cp)
 int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
 			char *lnm_session_key)
 {
-	int i;
+	int i, len;
 	int rc;
 	char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
 
-	if (password)
-		strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
+	if (password) {
+		for (len = 0; len < CIFS_ENCPWD_SIZE; len++)
+			if (!password[len])
+				break;
+
+		memcpy(password_with_pad, password, len);
+	}
 
 	if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
 		memcpy(lnm_session_key, password_with_pad,