Re: [PATCH v2] nfc: pn544: i2c: Replace strcpy() with strscpy()

Next message: Vadim Fedorenko: "Re: [PATCH v1] ptp: ocp: Add support for Xilinx-based Adva TimeCard variant"
Previous message: Ioana Ciocoi-Radulescu: "[PATCH 8/9] accel/neutron: Add logging support"
In reply to: tomasz . unger: "[PATCH v2] nfc: pn544: i2c: Replace strcpy() with strscpy()"
Next in thread: Jakub Kicinski: "Re: [PATCH v2] nfc: pn544: i2c: Replace strcpy() with strscpy()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Simon Horman

Date: Thu Feb 26 2026 - 08:52:41 EST

On Wed, Feb 25, 2026 at 06:27:15PM +0100, tomasz.unger@xxxxxxxx wrote:
> From: Tomasz Unger <tomasz.unger@xxxxxxxx>
>
> strcpy() does not limit the number of bytes copied which can lead to
> buffer overflow when firmware_name is derived from user input via
> NFC subsystem. This is a bug fix, not a cleanup.
>
> Replace with strscpy() which limits the copy to the size of the
> destination buffer. Since phy->firmware_name is an array, the
> two-argument variant of strscpy() is used - the compiler deduces
> the buffer size automatically.
>
> Fixes: 06c660340f1e ("NFC: pn544: i2c: Add firmware download implementation for pn544")
> Signed-off-by: Tomasz Unger <tomasz.unger@xxxxxxxx>
> ---
> Changes since v1 (requested by Simon Horman <horms@xxxxxxxxxx>):
> - Use two-argument strscpy() since phy->firmware_name is an array

Thanks for the update.

Reviewed-by: Simon Horman <horms@xxxxxxxxxx>