| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210817154728.3964-1-len.baker@gmx.com>
Date: Tue, 17 Aug 2021 17:47:28 +0200
From: Len Baker <len.baker@....com>
To: "James E.J. Bottomley" <James.Bottomley@...senPartnership.com>,
Helge Deller <deller@....de>,
Dmitry Torokhov <dmitry.torokhov@...il.com>
Cc: Len Baker <len.baker@....com>, linux-parisc@...r.kernel.org,
linux-input@...r.kernel.org, linux-kernel@...r.kernel.org,
Kees Cook <keescook@...omium.org>,
linux-hardening@...r.kernel.org
Subject: [PATCH] input/gscps2: Prefer strscpy over strlcpy
strlcpy() reads the entire source buffer first. This read may exceed the
destination size limit. This is both inefficient and can lead to linear
read overflows if a source string is not NUL-terminated. The safe
replacement is strscpy().
This is a previous step in the path to remove the strlcpy() function
entirely from the kernel [1].
[1] https://github.com/KSPP/linux/issues/89
Signed-off-by: Len Baker <len.baker@....com>
---
drivers/input/serio/gscps2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/input/serio/gscps2.c b/drivers/input/serio/gscps2.c
index 2f9775de3c5b..cae74d0edb09 100644
--- a/drivers/input/serio/gscps2.c
+++ b/drivers/input/serio/gscps2.c
@@ -357,7 +357,7 @@ static int __init gscps2_probe(struct parisc_device *dev)
snprintf(serio->name, sizeof(serio->name), "gsc-ps2-%s",
(ps2port->id == GSC_ID_KEYBOARD) ? "keyboard" : "mouse");
- strlcpy(serio->phys, dev_name(&dev->dev), sizeof(serio->phys));
+ strscpy(serio->phys, dev_name(&dev->dev), sizeof(serio->phys));
serio->id.type = SERIO_8042;
serio->write = gscps2_write;
serio->open = gscps2_open;
--
2.25.1
Powered by blists - more mailing lists