| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YBFV5eo5AYmLd4E0@kroah.com>
Date: Wed, 27 Jan 2021 13:00:37 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: B K Karthik <bkkarthik@...u.pes.edu>
Cc: Johan Hovold <johan@...nel.org>, Alex Elder <elder@...nel.org>,
greybus-dev@...ts.linaro.org, devel@...verdev.osuosl.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: greybus: audio_helper.c: Replace strlcpy() with
strscpy()
On Sat, Jan 09, 2021 at 06:57:31PM +0530, B K Karthik wrote:
> In gbaudio_remove_controls() , replace the usage of strlcpy() with
> strscpy() because strlcpy() only limits the *destination*
> size, and the source is always read fully.
>
> https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/
> was quoted by checkpatch while showing this warning.
>
> Signed-off-by: B K Karthik <bkkarthik@...u.pes.edu>
> ---
> drivers/staging/greybus/audio_helper.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/greybus/audio_helper.c b/drivers/staging/greybus/audio_helper.c
> index 3011b8abce38..1ed4772d2771 100644
> --- a/drivers/staging/greybus/audio_helper.c
> +++ b/drivers/staging/greybus/audio_helper.c
> @@ -166,7 +166,7 @@ static int gbaudio_remove_controls(struct snd_card *card, struct device *dev,
> snprintf(id.name, sizeof(id.name), "%s %s", prefix,
> control->name);
> else
> - strlcpy(id.name, control->name, sizeof(id.name));
> + strscpy(id.name, control->name, sizeof(id.name));
Is this something that matters here? Isn't the string coming from the
kernel (i.e. a trusted source), or if not, where is it coming from?
thanks,
greg k-h
Powered by blists - more mailing lists