mirror_zfs/include/os/freebsd/spl/sys
Richard Yao 97143b9d31 Introduce kmem_scnprintf()
`snprintf()` is meant to protect against buffer overflows, but operating
on the buffer using its return value, possibly by calling it again, can
cause a buffer overflow, because it will return how many characters it
would have written if it had enough space even when it did not. In a
number of places, we repeatedly call snprintf() by successively
incrementing a buffer offset and decrementing a buffer length, by its
return value. This is a potentially unsafe usage of `snprintf()`
whenever the buffer length is reached. CodeQL complained about this.

To fix this, we introduce `kmem_scnprintf()`, which will return 0 when
the buffer is zero or the number of written characters, minus 1 to
exclude the NULL character, when the buffer was too small. In all other
cases, it behaves like snprintf(). The name is inspired by the Linux and
XNU kernels' `scnprintf()`. The implementation was written before I
thought to look at `scnprintf()` and had a good name for it, but it
turned out to have identical semantics to the Linux kernel version.
That lead to the name, `kmem_scnprintf()`.

CodeQL only catches this issue in loops, so repeated use of snprintf()
outside of a loop was not caught. As a result, a thorough audit of the
codebase was done to examine all instances of `snprintf()` usage for
potential problems and a few were caught. Fixes for them are included in
this patch.

Unfortunately, ZED is one of the places where `snprintf()` is
potentially used incorrectly. Since using `kmem_scnprintf()` in it would
require changing how it is linked, we modify its usage to make it safe,
no matter what buffer length is used. In addition, there was a bug in
the use of the return value where the NULL format character was not
being written by pwrite(). That has been fixed.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14098
2022-10-29 13:05:11 -07:00
..
acl_impl.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
acl.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
atomic.h Add membar_sync 2022-09-20 15:32:44 -07:00
byteorder.h Reduce false positives from Static Analyzers 2022-09-30 15:30:12 -07:00
callb.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
ccompat.h Clean up CSTYLEDs 2022-01-26 11:38:52 -08:00
ccompile.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
cmn_err.h Reduce false positives from Static Analyzers 2022-09-30 15:30:12 -07:00
condvar.h FreeBSD: make adjustments for the standalone environment 2020-10-13 21:05:49 -07:00
cred.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
ctype.h Clean up CSTYLEDs 2022-01-26 11:38:52 -08:00
debug.h debug: fix output from VERIFY0 assertion 2022-10-28 11:46:44 -07:00
dirent.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
disp.h Cleanup: Use OpenSolaris functions to call scheduler 2022-09-12 09:55:37 -07:00
dkio.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
fcntl.h FreeBSD: fix HEAD build, conditionally remove FDSYNC defines 2021-01-23 15:39:55 -08:00
file.h Rename refcount.h to zfs_refcount.h 2020-07-29 16:35:33 -07:00
freebsd_rwlock.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
idmap.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
inttypes.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
isa_defs.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
kmem_cache.h FreeBSD: make adjustments for the standalone environment 2020-10-13 21:05:49 -07:00
kmem.h Introduce kmem_scnprintf() 2022-10-29 13:05:11 -07:00
kstat.h Cleanup: Switch to strlcpy from strncpy 2022-09-27 16:35:29 -07:00
list_impl.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
list.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
lock.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
misc.h Remove hw_serial, ddi_strtoul() 2022-05-13 10:15:31 -07:00
mod_os.h Cleanup: 64-bit kernel module parameters should use fixed width types 2022-10-13 10:03:29 -07:00
mode.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
mount.h freebsd: changes necessary to coexist with dtrace in tree 2020-07-01 09:10:08 -07:00
mutex.h FreeBSD: Don't require zeroing new locks before init 2020-06-13 10:58:10 -07:00
param.h Refactor ccompile.h to not include system headers 2020-07-25 20:09:50 -07:00
policy.h Share zfs_fsync, zfs_read, zfs_write, et al between Linux and FreeBSD 2020-10-21 14:08:06 -07:00
proc.h FreeBSD: make adjustments for the standalone environment 2020-10-13 21:05:49 -07:00
processor.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
procfs_list.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
random.h FreeBSD: fix compilation of FreeBSD world after 29274c9f6 2021-06-25 10:28:51 -07:00
rwlock.h spl: Don't check FreeBSD rwlocks for double initialization (#13019) 2022-01-31 10:58:45 -08:00
sdt.h Clean up CSTYLEDs 2022-01-26 11:38:52 -08:00
sid.h Fix ACL checks for NFS kernel server 2022-03-18 06:47:57 -06:00
sig.h FreeBSD: make adjustments for the standalone environment 2020-10-13 21:05:49 -07:00
simd_powerpc.h Fix double declaration of getauxval() for FreeBSD PPC 2022-09-26 10:32:22 -07:00
simd_x86.h Add PPC cpu feature tests for FreeBSD and Linux 2022-09-16 14:25:53 -07:00
simd.h Add PPC cpu feature tests for FreeBSD and Linux 2022-09-16 14:25:53 -07:00
spl_condvar.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
string.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
sunddi.h Remove hw_serial, ddi_strtoul() 2022-05-13 10:15:31 -07:00
sysmacros.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
systeminfo.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
systm.h Refactor ccompile.h to not include system headers 2020-07-25 20:09:50 -07:00
taskq.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
thread.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
time.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
timer.h Cleanup: Use OpenSolaris functions to call scheduler 2022-09-12 09:55:37 -07:00
trace_zfs.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
trace.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
types32.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
types.h Support idmapped mount 2022-10-19 11:17:09 -07:00
uio.h Cleaning up uio headers 2021-02-20 20:16:50 -08:00
uuid.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
vfs.h FreeBSD: Cleanup dead code from VFS 2022-09-02 13:20:10 -07:00
vm.h Use new FreeBSD API to largely eliminate object locking 2020-04-17 09:30:26 -07:00
vmsystm.h Add FreeBSD support to OpenZFS 2020-04-14 11:36:28 -07:00
vnode_impl.h FreeBSD: Cleanup zfs_readdir() 2022-09-20 14:50:16 -07:00
vnode.h FreeBSD: vn_flush_cached_data: observe vnode locking contract 2022-10-26 15:00:58 -07:00
wmsum.h Introduce write-mostly sums 2021-05-27 14:27:29 -06:00
zmod.h Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
zone.h FreeBSD: Simplify INGLOBALZONE 2020-08-31 19:43:08 -07:00