lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 9 Dec 2022 15:45:31 +0800 (CST)
From:   <yang.yang29@....com.cn>
To:     <steve.wahl@....com>
Cc:     <mike.travis@....com>, <dimitri.sivanich@....com>,
        <russ.anderson@....com>, <dvhart@...radead.org>,
        <andy@...radead.org>, <tglx@...utronix.de>, <mingo@...hat.com>,
        <bp@...en8.de>, <dave.hansen@...ux.intel.com>, <x86@...nel.org>,
        <hpa@...or.com>, <platform-driver-x86@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>, <xu.panda@....com.cn>,
        <yang.yang29@....com.cn>, <andy.shevchenko@...il.com>
Subject: [PATCH linux-next v3] x86/platform/uv: use strscpy to instead of strncpy()

From: Xu Panda <xu.panda@....com.cn>

The implementation of strscpy() is more robust and safer.
That's now the recommended way to copy NUL terminated strings.

Signed-off-by: Xu Panda <xu.panda@....com.cn>
Signed-off-by: Yang Yang <yang.yang29@....com>
---
change for v3
 - remove the remaining definition of p, and fix the mistake
which leads to eating one character. Thanks to Andy Shevchenko again.
---
 arch/x86/platform/uv/uv_nmi.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/arch/x86/platform/uv/uv_nmi.c b/arch/x86/platform/uv/uv_nmi.c
index a60af0230e27..a55550b779e1 100644
--- a/arch/x86/platform/uv/uv_nmi.c
+++ b/arch/x86/platform/uv/uv_nmi.c
@@ -202,14 +202,10 @@ static int param_set_action(const char *val, const struct kernel_param *kp)
 {
 	int i;
 	int n = ARRAY_SIZE(valid_acts);
-	char arg[ACTION_LEN], *p;
+	char arg[ACTION_LEN];

 	/* (remove possible '\n') */
-	strncpy(arg, val, ACTION_LEN - 1);
-	arg[ACTION_LEN - 1] = '\0';
-	p = strchr(arg, '\n');
-	if (p)
-		*p = '\0';
+	strscpy(arg, val, strnchrnul(val, ACTION_LEN - 1, '\n') - val + 1);

 	for (i = 0; i < n; i++)
 		if (!strcmp(arg, valid_acts[i].action))
-- 
2.15.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ