Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

block: Replace all non-returning strlcpy with strscpy

strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20230530155608.272266-1-azeemshaikh38@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>

Authored by Azeem Shaikh and committed by Jens Axboe
20d09975 5a0ac57c
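
The difference the commit message describes, as an added example that is not part of the commit or the kernel source: simplified userspace models of the two copy semantics, instrumented to count how many source bytes each one inspects. The names `model_strlcpy`, `model_strscpy`, `src_reads`, `long_src` and the 4096-byte source buffer are assumptions constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Simplified userspace models (assumed names, not kernel code). */
static size_t src_reads;            /* source bytes the last call inspected */
static char big_src[4096], dst[8];
static const char *long_src(void)   /* constructed: 4095 'A's, then NUL */
{
	memset(big_src, 'A', sizeof(big_src) - 1);
	return big_src;
}

/* strlcpy semantics: returns strlen(src), so it scans all of src. */
static size_t model_strlcpy(char *d, const char *s, size_t size)
{
	size_t len = strlen(s);         /* unbounded scan for the NUL */
	src_reads = len + 1;
	if (size) {
		size_t n = len >= size ? size - 1 : len;
		memcpy(d, s, n);
		d[n] = '\0';
	}
	return len;
}

/* strscpy semantics: reads at most count source bytes; returns the number
 * of characters copied, or -E2BIG when the source did not fit. */
static long model_strscpy(char *d, const char *s, size_t count)
{
	src_reads = 0;
	for (size_t i = 0; i < count; i++) {
		src_reads++;
		d[i] = s[i];
		if (s[i] == '\0')
			return (long)i;
	}
	if (count)
		d[count - 1] = '\0';    /* truncated: force termination */
	return -E2BIG;
}

int main(void)
{
	size_t l = model_strlcpy(dst, long_src(), sizeof(dst));
	printf("strlcpy ret=%zu src_reads=%zu\n", l, src_reads);
	long s = model_strscpy(dst, long_src(), sizeof(dst));
	printf("strscpy ret=%ld src_reads=%zu dst=%s\n", s, src_reads, dst);
}
```

With an 8-byte destination, the strlcpy model walks the whole 4096-byte source while the strscpy model stops at the destination bound and signals the truncation through its return value.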

+3 -3
+1 -1
block/blk-cgroup-fc-appid.c
··· 34 34 * the vmid from the fabric. 35 35 * Adding the overhead of a lock is not necessary. 36 36 */ 37 - strlcpy(blkcg->fc_app_id, app_id, app_id_len); 37 + strscpy(blkcg->fc_app_id, app_id, app_id_len); 38 38 css_put(css); 39 39 out_cgrp_put: 40 40 cgroup_put(cgrp);
+1 -1
block/elevator.c
··· 751 751 if (!elv_support_iosched(q)) 752 752 return count; 753 753 754 - strlcpy(elevator_name, buf, sizeof(elevator_name)); 754 + strscpy(elevator_name, buf, sizeof(elevator_name)); 755 755 ret = elevator_change(q, strstrip(elevator_name)); 756 756 if (!ret) 757 757 return count;
+1 -1
block/genhd.c
··· 253 253 #ifdef CONFIG_BLOCK_LEGACY_AUTOLOAD 254 254 p->probe = probe; 255 255 #endif 256 - strlcpy(p->name, name, sizeof(p->name)); 256 + strscpy(p->name, name, sizeof(p->name)); 257 257 p->next = NULL; 258 258 index = major_to_index(major); 259 259
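
Review bot: In block/blk-cgroup-fc-appid.c the bound passed to strscpy() is app_id_len, not sizeof(blkcg->fc_app_id). strscpy() stops reading the source at that bound, which addresses the over-read the commit message describes, but the destination is only protected if app_id_len has already been checked against the size of fc_app_id, and no such check is visible in this context. Worth confirming that check exists, or passing sizeof(blkcg->fc_app_id) as the bound. If app_id_len is the string length without the terminating NUL, the last character is dropped, as it was with strlcpy().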
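
Review bot: In block/elevator.c the strscpy() result is discarded, so input longer than elevator_name is silently truncated and the truncated string is what reaches elevator_change(). This is not a regression, since the old call truncated too, but strscpy() reports truncation by returning -E2BIG, so a follow-up could reject over-long names, for example `if (strscpy(elevator_name, buf, sizeof(elevator_name)) < 0) return -EINVAL;`.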