Re: [PATCH AUTOSEL 5.10 02/14] crypto: lrw,xts - Replace strlcpy with strscpy

From: Pavel Machek
Date: Mon Sep 11 2023 - 17:18:16 EST

Next message: LeoLiu-oc: "Re: [PATCH v3 2/5] ACPI/APEI: Remove static from apei_hest_parse()"
Previous message: Neil Armstrong: "Re: (subset) [PATCH V3 RESEND 0/6] Power: T7: add power domain driver"
In reply to: Sasha Levin: "[PATCH AUTOSEL 5.10 02/14] crypto: lrw,xts - Replace strlcpy with strscpy"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 5.10 14/14] Bluetooth: btusb: Fix quirks table naming"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri 2023-09-08 14:19:49, Sasha Levin wrote:
> From: Azeem Shaikh <azeemshaikh38@xxxxxxxxx>
>
> [ Upstream commit babb80b3ecc6f40c962e13c654ebcd27f25ee327 ]
>
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
>
> Direct replacement is safe here since return value of -errno
> is used to check for truncation instead of sizeof(dest).

We don't need this in stable, do we?

BR,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Erika Unter
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Attachment: signature.asc
Description: PGP signature

Next message: LeoLiu-oc: "Re: [PATCH v3 2/5] ACPI/APEI: Remove static from apei_hest_parse()"
Previous message: Neil Armstrong: "Re: (subset) [PATCH V3 RESEND 0/6] Power: T7: add power domain driver"
In reply to: Sasha Levin: "[PATCH AUTOSEL 5.10 02/14] crypto: lrw,xts - Replace strlcpy with strscpy"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 5.10 14/14] Bluetooth: btusb: Fix quirks table naming"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]