lkdtm/fortify: Swap memcpy() for strncpy()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The memcpy() runtime defenses are still not landed, so test with
strncpy() for now.

Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reported-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
Reviewed-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220216202548.2093883-1-keescook@chromium.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Kees Cook and committed by

Greg Kroah-Hartman 4 years ago f4e335f3 2c9ae453

+3 -3

1 changed file

expand all

drivers

misc

lkdtm

fortify.c

+3 -3

drivers/misc/lkdtm/fortify.c

··· 44 44 strscpy(src, "over ten bytes", size); 45 45 size = strlen(src) + 1; 46 46 47 - pr_info("trying to strcpy past the end of a member of a struct\n"); 47 + pr_info("trying to strncpy past the end of a member of a struct\n"); 48 48 49 49 /* 50 - * memcpy(target.a, src, 20); will hit a compile error because the 50 + * strncpy(target.a, src, 20); will hit a compile error because the 51 51 * compiler knows at build time that target.a < 20 bytes. Use a 52 52 * volatile to force a runtime error. 53 53 */ 54 - memcpy(target.a, src, size); 54 + strncpy(target.a, src, size); 55 55 56 56 /* Store result to global to prevent the code from being eliminated */ 57 57 fortify_scratch_space = target.a[3];