| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <34BB4FDE-062D-4C1B-B246-86CB55F631B8@linux.dev> Date: Thu, 13 Feb 2025 12:24:33 +0100 From: Thorsten Blum <thorsten.blum@...ux.dev> To: Don Brace <don.brace@...rochip.com>, "James E.J. Bottomley" <James.Bottomley@...senPartnership.com>, "Martin K. Petersen" <martin.petersen@...cle.com> Cc: linux-hardening@...r.kernel.org, Bart Van Assche <bvanassche@....org>, storagedev@...rochip.com, linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] scsi: hpsa: Replace deprecated strncpy() with strscpy() On 12. Feb 2025, at 23:22, Thorsten Blum wrote: > strncpy() is deprecated for NUL-terminated destination buffers [1]. Use > strscpy() instead and remove the manual NUL-termination. > > Use min() to simplify the size calculation. > > Compile-tested only. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Cc: linux-hardening@...r.kernel.org > Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev> > Suggested-by: Bart Van Assche <bvanassche@....org> > --- > drivers/scsi/hpsa.c | 10 ++++------ > 1 file changed, 4 insertions(+), 6 deletions(-) > > diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c > index 84d8de07b7ae..9399e101f150 100644 > --- a/drivers/scsi/hpsa.c > +++ b/drivers/scsi/hpsa.c > @@ -460,9 +460,8 @@ static ssize_t host_store_hp_ssd_smart_path_status(struct device *dev, > > if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) > return -EACCES; > - len = count > sizeof(tmpbuf) - 1 ? sizeof(tmpbuf) - 1 : count; > - strncpy(tmpbuf, buf, len); > - tmpbuf[len] = '\0'; > + len = min(count, sizeof(tmpbuf) - 1); > + strscpy(tmpbuf, buf, len); With strscpy() it should probably just be sizeof(tmpbuf) without -1, and then add +1 to count for the number of copied bytes to be the same as with strncpy(). Like this: len = min(count + 1, sizeof(tmpbuf)); This subtle difference between strncpy() and strscpy() regarding the number of bytes copied isn't really documented anywhere, is it? The documentation I came across so far seems to focus mostly on the different return values of the two functions. > if (sscanf(tmpbuf, "%d", &status) != 1) > return -EINVAL; > h = shost_to_hba(shost); > @@ -484,9 +483,8 @@ static ssize_t host_store_raid_offload_debug(struct device *dev, > > if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) > return -EACCES; > - len = count > sizeof(tmpbuf) - 1 ? sizeof(tmpbuf) - 1 : count; > - strncpy(tmpbuf, buf, len); > - tmpbuf[len] = '\0'; > + len = min(count, sizeof(tmpbuf) - 1); > + strscpy(tmpbuf, buf, len); Same here. > if (sscanf(tmpbuf, "%d", &debug_level) != 1) > return -EINVAL; > if (debug_level < 0) Maybe someone can confirm my reasoning before I submit a v2? Thanks, Thorsten
Powered by blists - more mailing lists