| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ab3b748710ad7155df8477646706e8ae05c36321.camel@oracle.com>
Date: Thu, 20 Feb 2025 18:07:45 +0000
From: Allison Henderson <allison.henderson@...cle.com>
To: "horms@...nel.org" <horms@...nel.org>,
"edumazet@...gle.com"
<edumazet@...gle.com>,
"davem@...emloft.net" <davem@...emloft.net>,
"thorsten.blum@...ux.dev" <thorsten.blum@...ux.dev>,
"pabeni@...hat.com"
<pabeni@...hat.com>,
"kuba@...nel.org" <kuba@...nel.org>
CC: "rds-devel@....oracle.com" <rds-devel@....oracle.com>,
"linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH net-next] net/rds: Replace deprecated strncpy() with
strscpy_pad()
On Wed, 2025-02-19 at 23:47 +0100, Thorsten Blum wrote:
> strncpy() is deprecated for NUL-terminated destination buffers. Use
> strscpy_pad() instead and remove the manual NUL-termination.
>
> Compile-tested only.
>
> Link: https://urldefense.com/v3/__https://github.com/KSPP/linux/issues/90__;!!ACWV5N9M2RV99hQ!MpqMAmj6IIyu7Vj4ddfEGJlJY4rVrJL_g8etOQsHC7pdjZO77P7aOqJe8_JTFwBzZ6tciUDrbb2CjXWJMjdEMJGtpoeBfHU8qw$
> Cc: linux-hardening@...r.kernel.org
> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
> ---
> net/rds/stats.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/net/rds/stats.c b/net/rds/stats.c
> index 9e87da43c004..cb2e3d2cdf73 100644
> --- a/net/rds/stats.c
> +++ b/net/rds/stats.c
> @@ -89,8 +89,7 @@ void rds_stats_info_copy(struct rds_info_iterator *iter,
>
> for (i = 0; i < nr; i++) {
> BUG_ON(strlen(names[i]) >= sizeof(ctr.name));
> - strncpy(ctr.name, names[i], sizeof(ctr.name) - 1);
> - ctr.name[sizeof(ctr.name) - 1] = '\0';
> + strscpy_pad(ctr.name, names[i]);
> ctr.value = values[i];
>
Looks ok to me. Thanks Thorsten!
Reviewed-by: Allison Henderson <allison.henderson@...cle.com>
> rds_info_copy(iter, &ctr, sizeof(ctr));
Powered by blists - more mailing lists