mirror of
https://github.com/torvalds/linux.git
synced 2024-11-22 12:11:40 +00:00
8ebab155ea
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). Direct replacement is safe here since return value of -errno is used to check for truncation instead of sizeof(dest). [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230830160806.3821893-1-azeemshaikh38@gmail.com Signed-off-by: Kees Cook <keescook@chromium.org> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| build-version | ||
| calibrate.c | ||
| do_mounts_initrd.c | ||
| do_mounts_rd.c | ||
| do_mounts.c | ||
| do_mounts.h | ||
| init_task.c | ||
| initramfs.c | ||
| Kconfig | ||
| main.c | ||
| Makefile | ||
| noinitramfs.c | ||
| version-timestamp.c | ||
| version.c | ||