tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

samples: Replace strlcpy() with strscpy()

strlcpy() reads the entire source buffer first. This read may exceed
the destination size limit. This is both inefficient and can lead
to linear read overflows if a source string is not NUL-terminated[1].
Additionally, it returns the size of the source string, not the
resulting size of the destination string. In an effort to remove strlcpy()
completely[2], replace strlcpy() here with strscpy().

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [1]
Link: https://github.com/KSPP/linux/issues/89 [2]
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Valentin Schneider <vschneid@redhat.com>
Cc: "Steven Rostedt (Google)" <rostedt@goodmis.org>
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: Geliang Tang <geliang.tang@suse.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Arnd Bergmann <arnd@arndb.de>
Acked-by: "Steven Rostedt (Google)" <rostedt@goodmis.org>
Link: https://lore.kernel.org/r/20231116191510.work.550-kees@kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>

Kees Cook 40b2519d cb6d2fd3

+6 -6
+1 -1
samples/trace_events/trace-events-sample.h
··· 305 305 ), 306 306 307 307 TP_fast_assign( 308 - strlcpy(__entry->foo, foo, 10); 308 + strscpy(__entry->foo, foo, 10); 309 309 __entry->bar = bar; 310 310 memcpy(__get_dynamic_array(list), lst, 311 311 __length_of(lst) * sizeof(int));
+5 -5
samples/v4l/v4l2-pci-skeleton.c
··· 291 291 { 292 292 struct skeleton *skel = video_drvdata(file); 293 293 294 - strlcpy(cap->driver, KBUILD_MODNAME, sizeof(cap->driver)); 295 - strlcpy(cap->card, "V4L2 PCI Skeleton", sizeof(cap->card)); 294 + strscpy(cap->driver, KBUILD_MODNAME, sizeof(cap->driver)); 295 + strscpy(cap->card, "V4L2 PCI Skeleton", sizeof(cap->card)); 296 296 snprintf(cap->bus_info, sizeof(cap->bus_info), "PCI:%s", 297 297 pci_name(skel->pdev)); 298 298 return 0; ··· 597 597 i->type = V4L2_INPUT_TYPE_CAMERA; 598 598 if (i->index == 0) { 599 599 i->std = SKEL_TVNORMS; 600 - strlcpy(i->name, "S-Video", sizeof(i->name)); 600 + strscpy(i->name, "S-Video", sizeof(i->name)); 601 601 i->capabilities = V4L2_IN_CAP_STD; 602 602 } else { 603 603 i->std = 0; 604 - strlcpy(i->name, "HDMI", sizeof(i->name)); 604 + strscpy(i->name, "HDMI", sizeof(i->name)); 605 605 i->capabilities = V4L2_IN_CAP_DV_TIMINGS; 606 606 } 607 607 return 0; ··· 845 845 846 846 /* Initialize the video_device structure */ 847 847 vdev = &skel->vdev; 848 - strlcpy(vdev->name, KBUILD_MODNAME, sizeof(vdev->name)); 848 + strscpy(vdev->name, KBUILD_MODNAME, sizeof(vdev->name)); 849 849 /* 850 850 * There is nothing to clean up, so release is set to an empty release 851 851 * function. The release callback must be non-NULL.