lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250320165647.34859-2-thorsten.blum@linux.dev> Date: Thu, 20 Mar 2025 17:56:44 +0100 From: Thorsten Blum <thorsten.blum@...ux.dev> To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>, Al Viro <viro@...iv.linux.org.uk> Cc: Thorsten Blum <thorsten.blum@...ux.dev>, linux-hardening@...r.kernel.org, linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH] USB: gadget: Replace deprecated strncpy() with strscpy() strncpy() is deprecated for NUL-terminated destination buffers; use strscpy() instead. Since kzalloc() already zeroes out the destination buffer, the potential NUL-padding by strncpy() is unnecessary. strscpy() copies only the required characters and guarantees NUL-termination. Since the destination buffer has a fixed length, strscpy() automatically determines its size using sizeof() when the argument is omitted. This makes an explicit sizeof() call unnecessary. The source string is also NUL-terminated and meets the __must_be_cstr() requirement of strscpy(). No functional changes intended. Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@...r.kernel.org Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev> --- drivers/usb/gadget/legacy/inode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c index b6a30d88a800..fcce84a726f2 100644 --- a/drivers/usb/gadget/legacy/inode.c +++ b/drivers/usb/gadget/legacy/inode.c @@ -1615,7 +1615,7 @@ static int activate_ep_files (struct dev_data *dev) mutex_init(&data->lock); init_waitqueue_head (&data->wait); - strncpy (data->name, ep->name, sizeof (data->name) - 1); + strscpy(data->name, ep->name); refcount_set (&data->count, 1); data->dev = dev; get_dev (dev);
Powered by blists - more mailing lists