lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <202212070909095189693@zte.com.cn>
Date:   Wed, 7 Dec 2022 09:09:09 +0800 (CST)
From:   <yang.yang29@....com.cn>
To:     <wg@...ndegger.com>
Cc:     <mkl@...gutronix.de>, <davem@...emloft.net>, <edumazet@...gle.com>,
        <kuba@...nel.org>, <pabeni@...hat.com>,
        <mailhol.vincent@...adoo.fr>, <stefan.maetje@....eu>,
        <socketcan@...tkopp.net>, <dzm91@...t.edu.cn>,
        <julia.lawall@...ia.fr>, <gustavoars@...nel.org>,
        <linux-can@...r.kernel.org>, <netdev@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>, <xu.panda@....com.cn>,
        <yang.yang29@....com.cn>
Subject: [PATCH linux-next] can: ucan: use strscpy() to instead of strncpy()

From: Xu Panda <xu.panda@....com.cn>

The implementation of strscpy() is more robust and safer.
That's now the recommended way to copy NUL terminated strings.

Signed-off-by: Xu Panda <xu.panda@....com.cn>
Signed-off-by: Yang Yang <yang.yang29@....com>
---
 drivers/net/can/usb/ucan.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/net/can/usb/ucan.c b/drivers/net/can/usb/ucan.c
index ffa38f533c35..159e25ffa337 100644
--- a/drivers/net/can/usb/ucan.c
+++ b/drivers/net/can/usb/ucan.c
@@ -1534,9 +1534,8 @@ static int ucan_probe(struct usb_interface *intf,
 				     sizeof(union ucan_ctl_payload));
 	if (ret > 0) {
 		/* copy string while ensuring zero termination */
-		strncpy(firmware_str, up->ctl_msg_buffer->raw,
-			sizeof(union ucan_ctl_payload));
-		firmware_str[sizeof(union ucan_ctl_payload)] = '\0';
+		strscpy(firmware_str, up->ctl_msg_buffer->raw,
+			sizeof(union ucan_ctl_payload) + 1);
 	} else {
 		strcpy(firmware_str, "unknown");
 	}
-- 
2.15.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ