Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}

Next message: Nora Schiffer: "Re: [PATCH] arm64: dts: ti: k3-j722s: Add main_i2c4 device node"
Previous message: Ronald Claveau: "[PATCH v3 2/9] dt-bindings: mmc: amlogic: Add compatible for T7 mmc"
In reply to: Jan Kara: "Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}"
Next in thread: Amir Goldstein: "Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christian Brauner

Date: Mon Mar 23 2026 - 06:19:46 EST

On Mon, Mar 23, 2026 at 10:14:24AM +0100, Jan Kara wrote:
> On Sat 21-03-26 22:05:47, Thorsten Blum wrote:
> > strcpy() has been deprecated [1] because it performs no bounds checking
> > on the destination buffer, which can lead to buffer overflows. Replace
> > it with the safer strscpy().
> >
> > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
> > Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
>
> I was a bit undecided about this one because I was wondering what
> additional protection does the use of strscpy() bring here. But I guess the
> protection from corrupted qstr (where the length doesn't match the real string
> length) makes some sense. So I've taken the patch into my tree. Thanks!

Fwiw, patches are now auto-tested on vfs-ci:
https://github.com/linux-fsdevel/vfs/pull/860
Just for some testing data. We should probably hook up the relevant LTP
tests for fanotify there as well.