| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YrpCGa3OTtgBr0vN@google.com>
Date: Mon, 27 Jun 2022 16:49:45 -0700
From: Matthias Kaehlcke <mka@...omium.org>
To: Douglas Anderson <dianders@...omium.org>
Cc: Bjorn Andersson <bjorn.andersson@...aro.org>,
Andy Gross <agross@...nel.org>,
Konrad Dybcio <konrad.dybcio@...ainline.org>,
Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>,
Stephen Boyd <sboyd@...nel.org>, linux-arm-msm@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] soc: qcom: cmd-db: replace strscpy_pad() with strncpy()
On Mon, Jun 27, 2022 at 04:17:00PM -0700, Douglas Anderson wrote:
> Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with
> strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine
> device. From printouts I see that at bootup the function is called
> with an id of "lnbclka2" which is 8 bytes big.
>
> Previously all 8 bytes of this string were copied to the
> destination. Now only 7 bytes will be copied since strscpy_pad() saves
> a byte for '\0' termination.
>
> We don't need the '\0' termination in the destination. Let's go back
> to strncpy(). According to the warning:
> If a caller is using non-NUL-terminated strings, strncpy() can still
> be used, but destinations should be marked with the __nonstring
> attribute to avoid future compiler warnings.
> ...so we'll do that.
>
> Fixes: ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with strscpy_pad()")
> Signed-off-by: Douglas Anderson <dianders@...omium.org>
Reviewed-by: Matthias Kaehlcke <mka@...omium.org>
Powered by blists - more mailing lists