scsi: ncr53c8xx: Replace strlcpy() with strscpy()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

strlcpy() reads the entire source buffer first. This read may exceed the
destination size limit. This is both inefficient and can lead to linear
read overflows if a source string is not NUL-terminated [1]. In an effort
to remove strlcpy() completely [2], replace strlcpy() here with strscpy().

No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Link: https://lore.kernel.org/r/20230621030033.3800351-2-azeemshaikh38@gmail.com
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

authored by

Azeem Shaikh and committed by

Martin K. Petersen 2 years ago d1e8a9fb 00c2cae6

+1 -1

1 changed file

expand all

drivers

scsi

ncr53c8xx.c

+1 -1

drivers/scsi/ncr53c8xx.c

··· 4555 4555 char inst_name[16]; 4556 4556 4557 4557 /* Local copy so we don't access np after freeing it! */ 4558 - strlcpy(inst_name, ncr_name(np), sizeof(inst_name)); 4558 + strscpy(inst_name, ncr_name(np), sizeof(inst_name)); 4559 4559 4560 4560 printk("%s: releasing host resources\n", ncr_name(np)); 4561 4561