mirror of
https://github.com/torvalds/linux.git
synced 2024-11-25 13:41:51 +00:00
40b2519d75
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated[1]. Additionally, it returns the size of the source string, not the resulting size of the destination string. In an effort to remove strlcpy() completely[2], replace strlcpy() here with strscpy(). Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [1] Link: https://github.com/KSPP/linux/issues/89 [2] Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Valentin Schneider <vschneid@redhat.com> Cc: "Steven Rostedt (Google)" <rostedt@goodmis.org> Cc: Chuck Lever <chuck.lever@oracle.com> Cc: Geliang Tang <geliang.tang@suse.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Arnd Bergmann <arnd@arndb.de> Acked-by: "Steven Rostedt (Google)" <rostedt@goodmis.org> Link: https://lore.kernel.org/r/20231116191510.work.550-kees@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> |
||
---|---|---|
.. | ||
Makefile | ||
v4l2-pci-skeleton.c |