| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20241106020728.491501-1-danielyangkang@gmail.com> Date: Tue, 5 Nov 2024 18:07:28 -0800 From: Daniel Yang <danielyangkang@...il.com> To: Mike Marshall <hubcap@...ibond.com>, Martin Brandenburg <martin@...ibond.com>, devel@...ts.orangefs.org (open list:ORANGEFS FILESYSTEM), linux-kernel@...r.kernel.org (open list) Cc: Daniel Yang <danielyangkang@...il.com> Subject: [PATCH] orangefs_inode_getxattr(): replace deprecated strcpy with strscpy The strcpy() function does not do bounds checking. strscpy() is the recommended replacement to the deprecated function. The return value of strcpy is not used so there shouldn't be issues here. Signed-off-by: Daniel Yang <danielyangkang@...il.com> --- fs/orangefs/xattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/orangefs/xattr.c b/fs/orangefs/xattr.c index 74ef75586..d27ff38cf 100644 --- a/fs/orangefs/xattr.c +++ b/fs/orangefs/xattr.c @@ -150,7 +150,7 @@ ssize_t orangefs_inode_getxattr(struct inode *inode, const char *name, goto out_unlock; new_op->upcall.req.getxattr.refn = orangefs_inode->refn; - strcpy(new_op->upcall.req.getxattr.key, name); + strscpy(new_op->upcall.req.getxattr.key, name); /* * NOTE: Although keys are meant to be NULL terminated textual -- 2.39.5
Powered by blists - more mailing lists