tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

PNP: ACPI: replace deprecated strncpy() with strscpy()

strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.

We know dev->name should be NUL-terminated based on the presence of a
manual NUL-byte assignment.

NUL-padding is not required as dev is already zero-allocated which
renders any further NUL-byte assignments redundant:
dev = pnp_alloc_dev(&pnpacpi_protocol, num, pnpid); --->
dev = kzalloc(sizeof(struct pnp_dev), GFP_KERNEL);

Considering the above, a suitable replacement is `strscpy` [2] due to
the fact that it guarantees NUL-termination on the destination buffer
without unnecessarily NUL-padding. This simplifies the code and makes
the intent/behavior more obvious.

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Signed-off-by: Justin Stitt <justinstitt@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>

authored by

Justin Stitt and committed by
Rafael J. Wysocki eda1a746 eeb6d1d6

+2 -5
+2 -5
drivers/pnp/pnpacpi/core.c
··· 250 250 dev->capabilities |= PNP_DISABLE; 251 251 252 252 if (strlen(acpi_device_name(device))) 253 - strncpy(dev->name, acpi_device_name(device), sizeof(dev->name)); 253 + strscpy(dev->name, acpi_device_name(device), sizeof(dev->name)); 254 254 else 255 - strncpy(dev->name, acpi_device_bid(device), sizeof(dev->name)); 256 - 257 - /* Handle possible string truncation */ 258 - dev->name[sizeof(dev->name) - 1] = '\0'; 255 + strscpy(dev->name, acpi_device_bid(device), sizeof(dev->name)); 259 256 260 257 if (dev->active) 261 258 pnpacpi_parse_allocated_resource(dev);