Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}

[Jan Kara]

On Sat 21-03-26 22:05:47, Thorsten Blum wrote:
> strcpy() has been deprecated [1] because it performs no bounds checking
> on the destination buffer, which can lead to buffer overflows. Replace
> it with the safer strscpy().
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
> Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>

I was a bit undecided about this one because I was wondering what
additional protection does the use of strscpy() bring here. But I guess the
protection from corrupted qstr (where the length doesn't match the real string
length) makes some sense. So I've taken the patch into my tree. Thanks!

								Honza

> ---
>  fs/notify/fanotify/fanotify.h | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h
> index 39e60218df7c..a0619e7694d5 100644
> --- a/fs/notify/fanotify/fanotify.h
> +++ b/fs/notify/fanotify/fanotify.h
> @@ -2,6 +2,7 @@
>  #include <linux/fsnotify_backend.h>
>  #include <linux/path.h>
>  #include <linux/slab.h>
> +#include <linux/string.h>
>  #include <linux/exportfs.h>
>  #include <linux/hashtable.h>
>  
> @@ -218,7 +219,7 @@ static inline void fanotify_info_copy_name(struct fanotify_info *info,
>  		return;
>  
>  	info->name_len = name->len;
> -	strcpy(fanotify_info_name(info), name->name);
> +	strscpy(fanotify_info_name(info), name->name, name->len + 1);
>  }
>  
>  static inline void fanotify_info_copy_name2(struct fanotify_info *info,
> @@ -228,7 +229,7 @@ static inline void fanotify_info_copy_name2(struct fanotify_info *info,
>  		return;
>  
>  	info->name2_len = name->len;
> -	strcpy(fanotify_info_name2(info), name->name);
> +	strscpy(fanotify_info_name2(info), name->name, name->len + 1);
>  }
>  
>  /*
-- 
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR