| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250402231433.117505-1-a.jahangirzad@gmail.com>
Date: Thu, 3 Apr 2025 02:44:34 +0330
From: Amir Mohammad Jahangirzad <a.jahangirzad@...il.com>
To: hca@...ux.ibm.com,
gor@...ux.ibm.com,
agordeev@...ux.ibm.com
Cc: borntraeger@...ux.ibm.com,
svens@...ux.ibm.com,
linux-s390@...r.kernel.org,
linux-kernel@...r.kernel.org,
"Amir Mohammad Jahangirzad" <a.jahangirzad@...il.com>
Subject: [PATCH] s390/boot: replace strncpy() with strscpy()
From: "Amir Mohammad Jahangirzad" <a.jahangirzad@...il.com>
strncpy() is deprecated for use on NUL-terminated destination strings
as it doesn't guarantee NUL-termination when the source string length
exceeds the destination buffer size. strscpy() is a safer alternative
as it always NUL-terminates the destination and returns the number of
characters copied (excluding the NUL).
Replace strncpy() with strscpy() for copying the bootdebug_filter value,
using sizeof(bootdebug_filter) rather than sizeof()-1 since strscpy()
takes the full buffer size as parameter.
Link: https://github.com/KSPP/linux/issues/90
Signed-off-by: Amir Mohammad Jahangirzad <a.jahangirzad@...il.com>
---
arch/s390/boot/ipl_parm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/s390/boot/ipl_parm.c b/arch/s390/boot/ipl_parm.c
index d04e9b89d14a..8b153f7b4112 100644
--- a/arch/s390/boot/ipl_parm.c
+++ b/arch/s390/boot/ipl_parm.c
@@ -309,7 +309,7 @@ void parse_boot_command_line(void)
if (!strcmp(param, "bootdebug")) {
bootdebug = true;
if (val)
- strncpy(bootdebug_filter, val, sizeof(bootdebug_filter) - 1);
+ strscpy(bootdebug_filter, val, sizeof(bootdebug_filter));
}
if (!strcmp(param, "quiet"))
boot_console_loglevel = CONSOLE_LOGLEVEL_QUIET;
--
2.43.0
Powered by blists - more mailing lists