[PATCH 2/2] ocfs2: Replace strlcpy with strscpy

From: Azeem Shaikh
Date: Wed Aug 30 2023 - 17:56:45 EST


strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().

Direct replacement is assumed to be safe here since
it's ok for `kernel_param_ops.get()` to return -errno [3].
This changes the behavior such that instead of silently ignoring the
case when sizeof(@buffer) < DLMFS_CAPABILITIES, we now return error.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89
[3] https://elixir.bootlin.com/linux/v6.5/source/include/linux/moduleparam.h#L52

Signed-off-by: Azeem Shaikh <azeemshaikh38@xxxxxxxxx>
---
fs/ocfs2/dlmfs/dlmfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ocfs2/dlmfs/dlmfs.c b/fs/ocfs2/dlmfs/dlmfs.c
index 33e529de93b2..b001eccdd2f3 100644
--- a/fs/ocfs2/dlmfs/dlmfs.c
+++ b/fs/ocfs2/dlmfs/dlmfs.c
@@ -80,7 +80,7 @@ static int param_set_dlmfs_capabilities(const char *val,
static int param_get_dlmfs_capabilities(char *buffer,
const struct kernel_param *kp)
{
- return strlcpy(buffer, DLMFS_CAPABILITIES,
+ return strscpy(buffer, DLMFS_CAPABILITIES,
strlen(DLMFS_CAPABILITIES) + 1);
}
static const struct kernel_param_ops dlmfs_capabilities_ops = {
--
2.42.0.283.g2d96d420d3-goog