[PATCH] KEYS: Replace all non-returning strlcpy with strscpy

From: Azeem Shaikh
Date: Thu May 18 2023 - 00:15:32 EST

Next message: Chen Yu: "Re: [RFC PATCH] sched/fair: Introduce SIS_PAIR to wakeup task on local idle core first"
Previous message: syzbot: "[syzbot] [fbdev?] [usb?] WARNING in dlfb_submit_urb/usb_submit_urb (2)"
Next in thread: Jarkko Sakkinen: "Re: [PATCH] KEYS: Replace all non-returning strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@xxxxxxxxx>
---
security/keys/request_key_auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index 41e9735006d0..8f33cd170e42 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -178,7 +178,7 @@ struct key *request_key_auth_new(struct key *target, const char *op,
if (!rka->callout_info)
goto error_free_rka;
rka->callout_len = callout_len;
- strlcpy(rka->op, op, sizeof(rka->op));
+ strscpy(rka->op, op, sizeof(rka->op));

/* see if the calling process is already servicing the key request of
* another process */

Next message: Chen Yu: "Re: [RFC PATCH] sched/fair: Introduce SIS_PAIR to wakeup task on local idle core first"
Previous message: syzbot: "[syzbot] [fbdev?] [usb?] WARNING in dlfb_submit_urb/usb_submit_urb (2)"
Next in thread: Jarkko Sakkinen: "Re: [PATCH] KEYS: Replace all non-returning strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]