Message ID | 20230710030711.812898-1-azeemshaikh38@gmail.com (mailing list archive) |
---|---|
State | Mainlined |
Commit | 989b52cdc84955c2a35bc18f53e3a83edfa6f404 |
Headers | show |
Series | net: sched: Replace strlcpy with strscpy | expand |
On Mon, Jul 10, 2023 at 8:37 AM Azeem Shaikh <azeemshaikh38@gmail.com> wrote: > > strlcpy() reads the entire source buffer first. > This read may exceed the destination size limit. > This is both inefficient and can lead to linear read > overflows if a source string is not NUL-terminated [1]. > In an effort to remove strlcpy() completely [2], replace > strlcpy() here with strscpy(). > > Direct replacement is safe here since return value of -errno > is used to check for truncation instead of sizeof(dest). > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > [2] https://github.com/KSPP/linux/issues/89 > > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> > --- Looks good to me. Reviewed-by: Pavan Chebbi <pavan.chebbi@broadcom.com> > net/sched/act_api.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/sched/act_api.c b/net/sched/act_api.c > index f7887f42d542..9d3f26bf0440 100644 > --- a/net/sched/act_api.c > +++ b/net/sched/act_api.c > @@ -1320,7 +1320,7 @@ struct tc_action_ops *tc_action_load_ops(struct nlattr *nla, bool police, > return ERR_PTR(err); > } > } else { > - if (strlcpy(act_name, "police", IFNAMSIZ) >= IFNAMSIZ) { > + if (strscpy(act_name, "police", IFNAMSIZ) < 0) { > NL_SET_ERR_MSG(extack, "TC action name too long"); > return ERR_PTR(-EINVAL); > } > -- > 2.41.0.255.g8b1d071c50-goog > > >
Hello: This patch was applied to netdev/net.git (main) by David S. Miller <davem@davemloft.net>: On Mon, 10 Jul 2023 03:07:11 +0000 you wrote: > strlcpy() reads the entire source buffer first. > This read may exceed the destination size limit. > This is both inefficient and can lead to linear read > overflows if a source string is not NUL-terminated [1]. > In an effort to remove strlcpy() completely [2], replace > strlcpy() here with strscpy(). > > [...] Here is the summary with links: - net: sched: Replace strlcpy with strscpy https://git.kernel.org/netdev/net/c/989b52cdc849 You are awesome, thank you!
diff --git a/net/sched/act_api.c b/net/sched/act_api.c index f7887f42d542..9d3f26bf0440 100644 --- a/net/sched/act_api.c +++ b/net/sched/act_api.c @@ -1320,7 +1320,7 @@ struct tc_action_ops *tc_action_load_ops(struct nlattr *nla, bool police, return ERR_PTR(err); } } else { - if (strlcpy(act_name, "police", IFNAMSIZ) >= IFNAMSIZ) { + if (strscpy(act_name, "police", IFNAMSIZ) < 0) { NL_SET_ERR_MSG(extack, "TC action name too long"); return ERR_PTR(-EINVAL); }
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). Direct replacement is safe here since return value of -errno is used to check for truncation instead of sizeof(dest). [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> --- net/sched/act_api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)