Message ID | 20240318-strncpy-drivers-usb-gadget-udc-mv_u3d_core-c-v1-1-64f8dcdb7c07@google.com (mailing list archive) |
---|---|
State | Accepted |
Commit | 3b5eac68995396e174e3d4d5714ad106cb13dba0 |
Headers | show |
Series | usb: gadget: mv_u3d: replace deprecated strncpy with strscpy | expand |
On Mon, Mar 18, 2024 at 11:31:53PM +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > Let's opt for the new 2-argument version of strscpy() which guarantees > NUL-termination on the destination buffer and simplifies snytax. The > NUL-padding behavior that strncpy() provides is not required as u3d->eps > is already zero-allocated: > | u3d->eps = kzalloc(size, GFP_KERNEL); > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Thanks! Reviewed-by: Kees Cook <keescook@chromium.org>
diff --git a/drivers/usb/gadget/udc/mv_u3d_core.c b/drivers/usb/gadget/udc/mv_u3d_core.c index 2a421f0ff931..e1dd5cf25d08 100644 --- a/drivers/usb/gadget/udc/mv_u3d_core.c +++ b/drivers/usb/gadget/udc/mv_u3d_core.c @@ -1307,7 +1307,7 @@ static int mv_u3d_eps_init(struct mv_u3d *u3d) /* initialize ep0, ep0 in/out use eps[1] */ ep = &u3d->eps[1]; ep->u3d = u3d; - strncpy(ep->name, "ep0", sizeof(ep->name)); + strscpy(ep->name, "ep0"); ep->ep.name = ep->name; ep->ep.ops = &mv_u3d_ep_ops; ep->wedge = 0; @@ -1337,7 +1337,7 @@ static int mv_u3d_eps_init(struct mv_u3d *u3d) ep->ep.caps.dir_out = true; } ep->u3d = u3d; - strncpy(ep->name, name, sizeof(ep->name)); + strscpy(ep->name, name); ep->ep.name = ep->name; ep->ep.caps.type_iso = true;
strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. Let's opt for the new 2-argument version of strscpy() which guarantees NUL-termination on the destination buffer and simplifies snytax. The NUL-padding behavior that strncpy() provides is not required as u3d->eps is already zero-allocated: | u3d->eps = kzalloc(size, GFP_KERNEL); Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> --- Note: build-tested only. Found with: $ rg "strncpy\(" --- drivers/usb/gadget/udc/mv_u3d_core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- base-commit: bf3a69c6861ff4dc7892d895c87074af7bc1c400 change-id: 20240318-strncpy-drivers-usb-gadget-udc-mv_u3d_core-c-50ea7422311c Best regards, -- Justin Stitt <justinstitt@google.com>