From patchwork Thu Sep 14 22:20:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13386144 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 17D87EEAA7A for ; Thu, 14 Sep 2023 22:20:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229867AbjINWVC (ORCPT ); Thu, 14 Sep 2023 18:21:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42272 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229702AbjINWVB (ORCPT ); Thu, 14 Sep 2023 18:21:01 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E515026B7 for ; Thu, 14 Sep 2023 15:20:56 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-59bdac026f7so20276227b3.0 for ; Thu, 14 Sep 2023 15:20:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694730056; x=1695334856; darn=vger.kernel.org; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=L6wxH6wI0CxNppihK8yyqaPuo2ed2yk6gacxAzZ/YyQ=; b=BM0YwBiwVFb8TzWvXVSas5oaWU302JRAzBkTRI+IJcHdIVkdRsJF3FFMuhyJ2HaWFu 18Ytjyc9eeDM8lYwHh1jc4D+h8FLxClwupHBsThQW0v81wsybwsoNl4RsebOtcNs56u8 tDN9p/BUNZJx5F7KgWEjMHUmaGHQV2xCFQIvl+3oqHn2bo/YqvmjZ77LqclnkTtwb/pO lzHCFI4KMm4QIF2yKkrvYr/+CPP7BJnzBiA1v+0fppHAFh1Pyv2XZWmOkxccDYAiSuKV Xjc56ChPLmrh7sM8kleY6eAR4hhoUR5oPqq+EfVXqHIyzzzg+PBvucRKGuTm6Hk5RpdZ ahfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694730056; x=1695334856; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=L6wxH6wI0CxNppihK8yyqaPuo2ed2yk6gacxAzZ/YyQ=; b=T/f66hmG0her8tXJnLulBABeCG/3uzzz9ET/5abS50ijGuchtd9Id+J+rJo0vyH0R6 6oO91Wy2pYjfrdBDtAd0cKUEx3jk3SB356rKtxwXUDYmMSayBnM0e2MMmMy2fgx5KoGI hut0b5jsb1TsrKeHs6HT9jdZNy9+gipDy4LQ5CpCRRRisBFDd5QNd8tEoubOiQItcmyn g5etssKQ6NeiBhiAoHDyLRxKTh6myxwqg171VkkMx+D1m7oiVnrODky4wOJK4E4g3DNd SNfns1j8EyAOJZjb3JrFSCA+Oq6ct0xDuQ4AmayhWDv1glsacPYnsAjA9r90Xf60r2CV gYuA== X-Gm-Message-State: AOJu0YxS6BTDNaaZdGiZk1WlQpufDjW/Mz04pT1lsTvTzDw+UkS4YXtW NsUze6tY3lwc88zxf67+LJe3u0sRkdgkQ+7iBQ== X-Google-Smtp-Source: AGHT+IEpoemOyU/gCfEy83llw70WSxP7zEz3SBbvICVjbWMxxJfMiydQwtaNCRNpaXfr7o3vwcXiY9NfsRvm3iC3KQ== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:690c:710:b0:59b:f138:c83b with SMTP id bs16-20020a05690c071000b0059bf138c83bmr548ywb.3.1694730056164; Thu, 14 Sep 2023 15:20:56 -0700 (PDT) Date: Thu, 14 Sep 2023 22:20:55 +0000 Mime-Version: 1.0 X-B4-Tracking: v=1; b=H4sIAEaHA2UC/x2NMQrDMAwAvxI0RxC7JtB+pXQIlhyLgmOkEhJM/ l6T4YZb7hoYq7DBa2igvIvJVrq4cYCYl7IyCnUHP/nH9HQB7acl1hNJZWc1zEI3VTeSL5+GEWM KfnZh8Y4C9FJVTnLcl/fnuv40LAw+dQAAAA== X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1694730055; l=2074; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=+74GC7rHw1mTn7nixljv5X0qMRleq8S1K0Ou7Xb7zvw=; b=Kpg/iXSQK/dWh3bjDyW1nCyXP9t2hxjS3t8Kvy+Gk83wwymskJL9AwoLZSuYt0s95O1vww4sD edk9W7p0v+tDvqTc6FRuqWSc/e+ou1C/82uv+xmTsAPYQKfeT++S8J4 X-Mailer: b4 0.12.3 Message-ID: <20230914-strncpy-drivers-hid-hid-prodikeys-c-v1-1-10c00550f2c2@google.com> Subject: [PATCH] HID: prodikeys: refactor deprecated strncpy From: Justin Stitt To: Jiri Kosina , Benjamin Tissoires Cc: linux-input@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Justin Stitt Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org `strncpy` is deprecated for use on NUL-terminated destination strings [1]. We should prefer more robust and less ambiguous string interfaces. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Reviewed-by: Kees Cook --- Note: for some reason if NUL-padding is needed let's opt for `strscpy_pad()` --- drivers/hid/hid-prodikeys.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) --- base-commit: 3669558bdf354cd352be955ef2764cde6a9bf5ec change-id: 20230914-strncpy-drivers-hid-hid-prodikeys-c-cf42614a21d4 Best regards, -- Justin Stitt diff --git a/drivers/hid/hid-prodikeys.c b/drivers/hid/hid-prodikeys.c index e4e9471d0f1e..c16d2ba6ea16 100644 --- a/drivers/hid/hid-prodikeys.c +++ b/drivers/hid/hid-prodikeys.c @@ -639,9 +639,9 @@ static int pcmidi_snd_initialise(struct pcmidi_snd *pm) goto fail; } - strncpy(card->driver, shortname, sizeof(card->driver)); - strncpy(card->shortname, shortname, sizeof(card->shortname)); - strncpy(card->longname, longname, sizeof(card->longname)); + strscpy(card->driver, shortname, sizeof(card->driver)); + strscpy(card->shortname, shortname, sizeof(card->shortname)); + strscpy(card->longname, longname, sizeof(card->longname)); /* Set up rawmidi */ err = snd_rawmidi_new(card, card->shortname, 0, @@ -652,7 +652,7 @@ static int pcmidi_snd_initialise(struct pcmidi_snd *pm) goto fail; } pm->rwmidi = rwmidi; - strncpy(rwmidi->name, card->shortname, sizeof(rwmidi->name)); + strscpy(rwmidi->name, card->shortname, sizeof(rwmidi->name)); rwmidi->info_flags = SNDRV_RAWMIDI_INFO_INPUT; rwmidi->private_data = pm;