lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ldak3a3zmqlkv67mjproobt4g7pe6ii7pkqzzohd5o5kyv64xw@r63jjlqzafzp>
Date: Mon, 30 Jun 2025 19:48:03 +0530
From: Brahmajit Das <listout@...tout.xyz>
To: Pranav Tyagi <pranav.tyagi03@...il.com>
Cc: Carlos Maiolino <cem@...nel.org>, skhan@...uxfoundation.org, 
	linux-kernel-mentees@...ts.linux.dev, linux-xfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fs/xfs: replace strncpy with strscpy

On 30.06.2025 14:36, Pranav Tyagi wrote:
... snip ...
> > >       spin_unlock(&mp->m_sb_lock);
> > >
> > >       if (copy_to_user(user_label, label, sizeof(label)))
> > > --
> > > 2.49.0
> > >
> 
> Hi,
> 
> Thank you for the feedback. I understand that my patch is incorrect and
> it causes a buffer overrun. The destination buffer is indeed, already, null
> terminated. Would you like me to send a corrected patch which uses
> strscpy() (as strncpy() is deprecated)?
> 
If the destination buffer is already NUL terminated, you can use either
strtomem or strtomem_pad [0].

[0]: https://docs.kernel.org/core-api/kernel-api.html#c.strncpy
(Description)
> Regret the inconvenience.
> 
> Regards
> Pranav Tyagi
> 

-- 
Regards,
listout

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ