| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <283409A8-6FD1-461C-8490-0E81B266EF9D@redhat.com> Date: Wed, 06 Nov 2024 15:40:18 -0500 From: Benjamin Coddington <bcodding@...hat.com> To: Roland Mainz <roland.mainz@...bsig.org> Cc: open list <linux-kernel@...r.kernel.org>, Linux NFS Mailing List <linux-nfs@...r.kernel.org> Subject: Re: [PATCH] nfs_sysfs_link_rpc_client(): Replace strcpy with strscpy On 6 Nov 2024, at 15:20, Roland Mainz wrote: > On Wed, Nov 6, 2024 at 3:49 AM Daniel Yang <danielyangkang@...il.com> wrote: >> >> The function strcpy is deprecated due to lack of bounds checking. The >> recommended replacement is strscpy. >> >> Signed-off-by: Daniel Yang <danielyangkang@...il.com> >> --- >> fs/nfs/sysfs.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/fs/nfs/sysfs.c b/fs/nfs/sysfs.c >> index bf378ecd5..f3d0b2ef9 100644 >> --- a/fs/nfs/sysfs.c >> +++ b/fs/nfs/sysfs.c >> @@ -280,7 +280,7 @@ void nfs_sysfs_link_rpc_client(struct nfs_server *server, >> char name[RPC_CLIENT_NAME_SIZE]; >> int ret; >> >> - strcpy(name, clnt->cl_program->name); >> + strscpy(name, clnt->cl_program->name); > > How should the "bounds checking" work in this case if you only pass > two arguments ? The linux kernel strscpy() checks the sizeof the destination. Ben
Powered by blists - more mailing lists