| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230112211707.2abb31ad@kernel.org>
Date: Thu, 12 Jan 2023 21:17:07 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: <yang.yang29@....com.cn>
Cc: <santosh.shilimkar@...cle.com>, <davem@...emloft.net>,
<edumazet@...gle.com>, <pabeni@...hat.com>,
<netdev@...r.kernel.org>, <linux-rdma@...r.kernel.org>,
<rds-devel@....oracle.com>, <linux-kernel@...r.kernel.org>,
<xu.panda@....com.cn>
Subject: Re: [PATCH net-next v2] net/rds: use strscpy() to instead of
strncpy()
On Wed, 11 Jan 2023 14:25:48 +0800 (CST) yang.yang29@....com.cn wrote:
> From: Xu Panda <xu.panda@....com.cn>
>
> The implementation of strscpy() is more robust and safer.
> That's now the recommended way to copy NUL-terminated strings.
What are the differences in behavior between strncpy() and strscpy()?
> diff --git a/net/rds/stats.c b/net/rds/stats.c
> index 9e87da43c004..7018c67418f5 100644
> --- a/net/rds/stats.c
> +++ b/net/rds/stats.c
> @@ -88,9 +88,7 @@ void rds_stats_info_copy(struct rds_info_iterator *iter,
> size_t i;
>
> for (i = 0; i < nr; i++) {
> - BUG_ON(strlen(names[i]) >= sizeof(ctr.name));
> - strncpy(ctr.name, names[i], sizeof(ctr.name) - 1);
> - ctr.name[sizeof(ctr.name) - 1] = '\0';
> + BUG_ON(strscpy(ctr.name, names[i], sizeof(ctr.name)) < 0);
> ctr.value = values[i];
>
> rds_info_copy(iter, &ctr, sizeof(ctr));
Powered by blists - more mailing lists