Re: [PATCH net 3/4] net: dsa: microchip: Utilize strncpy() for ethtool::get_strings

From: Florian Fainelli
Date: Fri Mar 02 2018 - 13:25:19 EST

Next message: Doug Anderson: "Re: [PATCH V2 2/2] mmc: sdhci-msm: support voltage pad switching"
Previous message: Doug Anderson: "Re: [PATCH V2 1/2] mmc: sdhci-msm: Add support to store supported vdd-io voltages"
In reply to: David Laight: "RE: [PATCH net 3/4] net: dsa: microchip: Utilize strncpy() for ethtool::get_strings"
Next in thread: Florian Fainelli: "[PATCH net 1/4] net: dsa: b53: Use strncpy() for ethtool::get_strings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 03/02/2018 02:51 AM, David Laight wrote:
> From: Florian Fainelli
>>
>> Do not use memcpy() which is not safe, but instead use strncpy() which
>> will make sure that the string is NUL terminated (in the Linux
>> implementation) if the string is smaller than the length specified. This
>> fixes KASAN out of bounds warnings while fetching port statistics.
>
> You really ought to use a copy function that will truncate the
> string if it is too long.
> Just assuming the string isn't too long is asking for trouble.
> You might (almost) just use strcpy().
>
> strlcpy() will probably work best here.

Right, or if we actually do size the statistics string to be
ETH_GSTRING_LEN bytes, memcpy() can be used, provided that the strings
are initialized correctly (which they are).
--
Florian

Next message: Doug Anderson: "Re: [PATCH V2 2/2] mmc: sdhci-msm: support voltage pad switching"
Previous message: Doug Anderson: "Re: [PATCH V2 1/2] mmc: sdhci-msm: Add support to store supported vdd-io voltages"
In reply to: David Laight: "RE: [PATCH net 3/4] net: dsa: microchip: Utilize strncpy() for ethtool::get_strings"
Next in thread: Florian Fainelli: "[PATCH net 1/4] net: dsa: b53: Use strncpy() for ethtool::get_strings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]