| Message ID | 20250408102843.804083-2-thorsten.blum@linux.dev (mailing list archive) |
|---|---|
| State | Under Review |
| Headers | show |
| Series | [v2] scsi: elx: sli4: Replace deprecated strncpy() with strscpy() | expand |
On Tue, Apr 08, 2025 at 12:28:40PM +0200, Thorsten Blum wrote: > strncpy() is deprecated for NUL-terminated destination buffers; use > strscpy() instead. > > Since sli_config_cmd_init() already zeroes out the destination buffers, > the potential NUL-padding by strncpy() is unnecessary. strscpy() copies > only the required characters and guarantees NUL-termination. > > And since all three destination buffers have a fixed length, strscpy() > automatically determines their size using sizeof() when the argument is > omitted. This makes any explicit sizeof() calls unnecessary. > > The source strings are also NUL-terminated and meet the __must_be_cstr() > requirement of strscpy(). > > No functional changes intended. > > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Reviewed-by: Kees Cook <kees@kernel.org>
Thorsten, > strncpy() is deprecated for NUL-terminated destination buffers; use > strscpy() instead. Applied to 6.16/scsi-staging, thanks!
diff --git a/drivers/scsi/elx/libefc_sli/sli4.c b/drivers/scsi/elx/libefc_sli/sli4.c index 5e7fb110bc3f..d9a231fc0e0d 100644 --- a/drivers/scsi/elx/libefc_sli/sli4.c +++ b/drivers/scsi/elx/libefc_sli/sli4.c @@ -3804,7 +3804,7 @@ sli_cmd_common_write_object(struct sli4 *sli4, void *buf, u16 noc, wr_obj->desired_write_len_dword = cpu_to_le32(dwflags); wr_obj->write_offset = cpu_to_le32(offset); - strncpy(wr_obj->object_name, obj_name, sizeof(wr_obj->object_name) - 1); + strscpy(wr_obj->object_name, obj_name); wr_obj->host_buffer_descriptor_count = cpu_to_le32(1); bde = (struct sli4_bde *)wr_obj->host_buffer_descriptor; @@ -3833,7 +3833,7 @@ sli_cmd_common_delete_object(struct sli4 *sli4, void *buf, char *obj_name) SLI4_SUBSYSTEM_COMMON, CMD_V0, SLI4_RQST_PYLD_LEN(cmn_delete_object)); - strncpy(req->object_name, obj_name, sizeof(req->object_name) - 1); + strscpy(req->object_name, obj_name); return 0; } @@ -3856,7 +3856,7 @@ sli_cmd_common_read_object(struct sli4 *sli4, void *buf, u32 desired_read_len, cpu_to_le32(desired_read_len & SLI4_REQ_DESIRE_READLEN); rd_obj->read_offset = cpu_to_le32(offset); - strncpy(rd_obj->object_name, obj_name, sizeof(rd_obj->object_name) - 1); + strscpy(rd_obj->object_name, obj_name); rd_obj->host_buffer_descriptor_count = cpu_to_le32(1); bde = (struct sli4_bde *)rd_obj->host_buffer_descriptor;
strncpy() is deprecated for NUL-terminated destination buffers; use strscpy() instead. Since sli_config_cmd_init() already zeroes out the destination buffers, the potential NUL-padding by strncpy() is unnecessary. strscpy() copies only the required characters and guarantees NUL-termination. And since all three destination buffers have a fixed length, strscpy() automatically determines their size using sizeof() when the argument is omitted. This makes any explicit sizeof() calls unnecessary. The source strings are also NUL-terminated and meet the __must_be_cstr() requirement of strscpy(). No functional changes intended. Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> --- Changes in v2: - Update patch description as suggested by Kees - Link to v1: https://lore.kernel.org/lkml/20250226185531.1092-2-thorsten.blum@linux.dev/ --- drivers/scsi/elx/libefc_sli/sli4.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)