Message ID | 20231020-strncpy-drivers-power-supply-charger-manager-c-v1-1-698f73bcad2a@google.com (mailing list archive) |
---|---|
State | Handled Elsewhere, archived |
Headers | show |
Series | power: supply: charger-manager: replace deprecated strncpy with strscpy | expand |
On Fri, 20 Oct 2023 19:21:46 +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > We expect cm->psy_name_buf to be NUL-terminated based on its usage with > format strings: > 1522: cm->charger_psy_desc.name = cm->psy_name_buf; > ... > 1587: dev_err(&pdev->dev, "Cannot register charger-manager with name \"%s\"\n", > 1587: cm->charger_psy_desc.name); > > [...] Applied, thanks! [1/1] power: supply: charger-manager: replace deprecated strncpy with strscpy commit: e1402bd297a3477c16eca4c1e4094372237f40a7 Best regards,
diff --git a/drivers/power/supply/charger-manager.c b/drivers/power/supply/charger-manager.c index 5fa6ba7f41e1..085d5277bc19 100644 --- a/drivers/power/supply/charger-manager.c +++ b/drivers/power/supply/charger-manager.c @@ -1516,9 +1516,11 @@ static int charger_manager_probe(struct platform_device *pdev) memcpy(&cm->charger_psy_desc, &psy_default, sizeof(psy_default)); if (!desc->psy_name) - strncpy(cm->psy_name_buf, psy_default.name, PSY_NAME_MAX); + strscpy(cm->psy_name_buf, psy_default.name, + sizeof(cm->psy_name_buf)); else - strncpy(cm->psy_name_buf, desc->psy_name, PSY_NAME_MAX); + strscpy(cm->psy_name_buf, desc->psy_name, + sizeof(cm->psy_name_buf)); cm->charger_psy_desc.name = cm->psy_name_buf; /* Allocate for psy properties because they may vary */
strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We expect cm->psy_name_buf to be NUL-terminated based on its usage with format strings: 1522: cm->charger_psy_desc.name = cm->psy_name_buf; ... 1587: dev_err(&pdev->dev, "Cannot register charger-manager with name \"%s\"\n", 1587: cm->charger_psy_desc.name); Moreover, NUL-padding is not required as `cm` is already zero-allocated and thus any future NUL-byte assignments (like what strncpy() will do) are redundant: 1437: cm = devm_kzalloc(&pdev->dev, sizeof(*cm), GFP_KERNEL); Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Let's also opt for the more idiomatic strscpy() usage of: strscpy(dest, src, sizeof(dest)). Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> --- Note: build-tested only. Found with: $ rg "strncpy\(" --- drivers/power/supply/charger-manager.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) --- base-commit: bb55d7f7f7445abcc8db50e6a65d4315e79f75c7 change-id: 20231020-strncpy-drivers-power-supply-charger-manager-c-236767ef929c Best regards, -- Justin Stitt <justinstitt@google.com>