| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230105210441.GA2292796@p14s>
Date: Thu, 5 Jan 2023 14:04:41 -0700
From: Mathieu Poirier <mathieu.poirier@...aro.org>
To: yang.yang29@....com.cn
Cc: andersson@...nel.org, linux-remoteproc@...r.kernel.org,
linux-kernel@...r.kernel.org, xu.panda@....com.cn
Subject: Re: [PATCH linux-next] rpmsg: use strscpy() to instead of strncpy()
On Fri, Dec 23, 2022 at 10:44:10AM +0800, yang.yang29@....com.cn wrote:
> From: Xu Panda <xu.panda@....com.cn>
>
> The implementation of strscpy() is more robust and safer.
> That's now the recommended way to copy NUL-terminated strings.
>
> Signed-off-by: Xu Panda <xu.panda@....com.cn>
> Signed-off-by: Yang Yang <yang.yang29@....com>
> ---
> drivers/rpmsg/rpmsg_ns.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/drivers/rpmsg/rpmsg_ns.c b/drivers/rpmsg/rpmsg_ns.c
> index c70ad03ff2e9..c7b5b60aef4d 100644
> --- a/drivers/rpmsg/rpmsg_ns.c
> +++ b/drivers/rpmsg/rpmsg_ns.c
> @@ -48,9 +48,7 @@ static int rpmsg_ns_cb(struct rpmsg_device *rpdev, void *data, int len,
> }
>
> /* don't trust the remote processor for null terminating the name */
> - msg->name[RPMSG_NAME_SIZE - 1] = '\0';
> -
This is broken.
> - strncpy(chinfo.name, msg->name, sizeof(chinfo.name));
> + strscpy(chinfo.name, msg->name, sizeof(chinfo.name));
In this case there isn't a need to use strscpy() since we _know_ from the above
that msg->name is NULL terminated.
> chinfo.src = RPMSG_ADDR_ANY;
> chinfo.dst = rpmsg32_to_cpu(rpdev, msg->addr);
>
> --
> 2.15.2
Powered by blists - more mailing lists