| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202503031045.1E2D5BE@keescook> Date: Mon, 3 Mar 2025 10:45:48 -0800 From: Kees Cook <kees@...nel.org> To: Thorsten Blum <thorsten.blum@...ux.dev> Cc: "Martin K. Petersen" <martin.petersen@...cle.com>, linux-hardening@...r.kernel.org, linux-scsi@...r.kernel.org, target-devel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] scsi: target: Replace deprecated strncpy() with strscpy() On Sun, Mar 02, 2025 at 11:56:41PM +0100, Thorsten Blum wrote: > strncpy() is deprecated for NUL-terminated destination buffers; use > strscpy() instead. The destination buffer db_root is only used with "%s" > format strings and must therefore be NUL-terminated, but not NUL-padded. > > Use scnprintf() because snprintf() could return a value >= DB_ROOT_LEN > and lead to an out-of-bounds access. This doesn't happen because count > is explicitly checked against DB_ROOT_LEN before. However, scnprintf() > always returns the number of characters actually written to the string > buffer, which is always within the bounds of db_root_stage, and should > be preferred over snprintf(). > > The size parameter of strscpy() is optional and since DB_ROOT_LEN is the > size of the destination buffer, it can be removed. Remove it to simplify > the code. > > Compile-tested only. > > Link: https://github.com/KSPP/linux/issues/90 > Link: https://github.com/KSPP/linux/issues/105 > Cc: linux-hardening@...r.kernel.org > Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev> Reviewed-by: Kees Cook <kees@...nel.org> -- Kees Cook
Powered by blists - more mailing lists