| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Jul 2021 08:43:45 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Len Baker <len.baker@....com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Nikolay Kyx <knv418@...il.com>,
Aditya Srivastava <yashsri421@...il.com>,
Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>,
William Durand <will+git@...d.me>,
Romain Perier <romain.perier@...il.com>,
Allen Pais <apais@...ux.microsoft.com>,
Phillip Potter <phil@...lpotter.co.uk>,
zhaoxiao <zhaoxiao@...ontech.com>, linux-staging@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging/rtl8192e: Remove all strcpy() uses in favor of
strscpy()
On Sun, Jul 18, 2021 at 11:06:36AM +0200, Len Baker wrote:
> diff --git a/drivers/staging/rtl8192e/rtllib_softmac_wx.c b/drivers/staging/rtl8192e/rtllib_softmac_wx.c
> index f89799d43b1b..5968407c646d 100644
> --- a/drivers/staging/rtl8192e/rtllib_softmac_wx.c
> +++ b/drivers/staging/rtl8192e/rtllib_softmac_wx.c
> @@ -543,7 +543,7 @@ int rtllib_wx_get_name(struct rtllib_device *ieee,
> struct iw_request_info *info,
> union iwreq_data *wrqu, char *extra)
> {
> - strcpy(wrqu->name, "802.11");
> + strscpy(wrqu->name, "802.11", sizeof(wrqu->name));
>
> if (ieee->modulation & RTLLIB_CCK_MODULATION)
> strcat(wrqu->name, "b");
This patch is just about silencing inferior static analysis tools,
right? Most checkers can figure out the size of the array and verify
that it has space for "802.11". Probably it's only raw grep which
can't.
It doesn't make sense to me that we have strscpy() followed by strcat.
So let's fix both.
regards,
dan carpenter
Powered by blists - more mailing lists