| Message ID | 20220929072905.282639-1-xu.panda668@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [linux-next] arm64/idreg: use strscpy() is more robust and safer | expand |
On Thu, Sep 29, 2022 at 07:29:06AM +0000, xu.panda668@gmail.com wrote: > From: Xu Panda <xu.panda@zte.com.cn> > > The implementation of strscpy() is more robust and safer. > That's now the recommended way to copy NUL terminated strings. > > Reported-by: Zeal Robot <zealci@zte.com.cn> > Signed-off-by: Xu Panda <xu.panda@zte.com.cn> > Signed-off-by: Xu Panda <xu.panda668@gmail.com> > --- > arch/arm64/kernel/idreg-override.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/arm64/kernel/idreg-override.c b/arch/arm64/kernel/idreg-override.c > index 95133765ed29..61bbec7ef62e 100644 > --- a/arch/arm64/kernel/idreg-override.c > +++ b/arch/arm64/kernel/idreg-override.c > @@ -246,7 +246,7 @@ static __init void __parse_cmdline(const char *cmdline, bool parse_aliases) > return; > > len = min(len, ARRAY_SIZE(buf) - 1); > - strncpy(buf, cmdline, len); > + strscpy(buf, cmdline, len); > buf[len] = 0; Aren't we terminating the buffer explicitly here anyway? Will
From: Will Deacon > Sent: 04 October 2022 12:48 > > On Thu, Sep 29, 2022 at 07:29:06AM +0000, xu.panda668@gmail.com wrote: > > From: Xu Panda <xu.panda@zte.com.cn> > > > > The implementation of strscpy() is more robust and safer. > > That's now the recommended way to copy NUL terminated strings. In this case the input string isn't NUL terminated.... > > > > Reported-by: Zeal Robot <zealci@zte.com.cn> > > Signed-off-by: Xu Panda <xu.panda@zte.com.cn> > > Signed-off-by: Xu Panda <xu.panda668@gmail.com> > > --- > > arch/arm64/kernel/idreg-override.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/arch/arm64/kernel/idreg-override.c b/arch/arm64/kernel/idreg-override.c > > index 95133765ed29..61bbec7ef62e 100644 > > --- a/arch/arm64/kernel/idreg-override.c > > +++ b/arch/arm64/kernel/idreg-override.c > > @@ -246,7 +246,7 @@ static __init void __parse_cmdline(const char *cmdline, bool parse_aliases) > > return; > > > > len = min(len, ARRAY_SIZE(buf) - 1); > > - strncpy(buf, cmdline, len); > > + strscpy(buf, cmdline, len); > > buf[len] = 0; > > Aren't we terminating the buffer explicitly here anyway? I doubt the code was tested. It is always wrong regardless of the initial value of 'len'. I think using strscpy() will delete the last character and always add two '\0'. On the face of it, that could probably be a memcpy(). But with the checks you don't need any of the length checks that memcpy() might be gaining. OTOH, if the code used parameqn() a few lines lower the entire copy could be removed. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
diff --git a/arch/arm64/kernel/idreg-override.c b/arch/arm64/kernel/idreg-override.c index 95133765ed29..61bbec7ef62e 100644 --- a/arch/arm64/kernel/idreg-override.c +++ b/arch/arm64/kernel/idreg-override.c @@ -246,7 +246,7 @@ static __init void __parse_cmdline(const char *cmdline, bool parse_aliases) return; len = min(len, ARRAY_SIZE(buf) - 1); - strncpy(buf, cmdline, len); + strscpy(buf, cmdline, len); buf[len] = 0; if (strcmp(buf, "--") == 0)