[PATCH] scsi: aacraid: Replace all non-returning strlcpy with strscpy

From: Azeem Shaikh
Date: Wed May 17 2023 - 10:31:04 EST

Next message: Wu Bo: "Re: [f2fs-dev] [PATCH 1/1] f2fs: pass I_NEW flag to trace event"
Previous message: Mark Brown: "Re: [PATCH 08/10] pinctrl: cs42l43: Add support for the cs42l43"
Next in thread: Kees Cook: "Re: [PATCH] scsi: aacraid: Replace all non-returning strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@xxxxxxxxx>
---
drivers/scsi/aacraid/aachba.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/aacraid/aachba.c b/drivers/scsi/aacraid/aachba.c
index 24c049eff157..70e1cac1975e 100644
--- a/drivers/scsi/aacraid/aachba.c
+++ b/drivers/scsi/aacraid/aachba.c
@@ -3289,7 +3289,7 @@ static int query_disk(struct aac_dev *dev, void __user *arg)
else
qd.unmapped = 0;

- strlcpy(qd.name, fsa_dev_ptr[qd.cnum].devname,
+ strscpy(qd.name, fsa_dev_ptr[qd.cnum].devname,
min(sizeof(qd.name), sizeof(fsa_dev_ptr[qd.cnum].devname) + 1));

if (copy_to_user(arg, &qd, sizeof (struct aac_query_disk)))

Next message: Wu Bo: "Re: [f2fs-dev] [PATCH 1/1] f2fs: pass I_NEW flag to trace event"
Previous message: Mark Brown: "Re: [PATCH 08/10] pinctrl: cs42l43: Add support for the cs42l43"
Next in thread: Kees Cook: "Re: [PATCH] scsi: aacraid: Replace all non-returning strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]