| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <677c56b5-8f8f-4a08-8e8f-26fba3236885@molgen.mpg.de>
Date: Mon, 11 Aug 2025 12:01:59 +0200
From: Paul Menzel <pmenzel@...gen.mpg.de>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: Marcel Holtmann <marcel@...tmann.org>,
Luiz Augusto von Dentz <luiz.dentz@...il.com>,
linux-bluetooth@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Bluetooth: btintel_pcie: Use strscpy() instead of
strscpy_pad()
Dear Thorsten,
Thank you for the patch.
Am 11.08.25 um 11:19 schrieb Thorsten Blum:
> kzalloc() already zero-initializes the destination buffer 'data', making
> strscpy() sufficient for safely copying 'name'. The additional
> NUL-padding performed by strscpy_pad() is unnecessary.
>
> Add a new local variable to store the length of 'name' and reuse it
> instead of recalculating the same length.
>
> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
> ---
> drivers/bluetooth/btintel_pcie.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/bluetooth/btintel_pcie.c b/drivers/bluetooth/btintel_pcie.c
> index 6e7bbbd35279..aad03f8a3e13 100644
> --- a/drivers/bluetooth/btintel_pcie.c
> +++ b/drivers/bluetooth/btintel_pcie.c
> @@ -2236,6 +2236,7 @@ btintel_pcie_get_recovery(struct pci_dev *pdev, struct device *dev)
> {
> struct btintel_pcie_dev_recovery *tmp, *data = NULL;
> const char *name = pci_name(pdev);
> + const size_t name_len = strlen(name) + 1;
> struct hci_dev *hdev = to_hci_dev(dev);
>
> spin_lock(&btintel_pcie_recovery_lock);
> @@ -2252,11 +2253,11 @@ btintel_pcie_get_recovery(struct pci_dev *pdev, struct device *dev)
> return data;
> }
>
> - data = kzalloc(struct_size(data, name, strlen(name) + 1), GFP_ATOMIC);
> + data = kzalloc(struct_size(data, name, name_len), GFP_ATOMIC);
> if (!data)
> return NULL;
>
> - strscpy_pad(data->name, name, strlen(name) + 1);
> + strscpy(data->name, name, name_len);
> spin_lock(&btintel_pcie_recovery_lock);
> list_add_tail(&data->list, &btintel_pcie_recovery_list);
> spin_unlock(&btintel_pcie_recovery_lock);
Reviewed-by: Paul Menzel <pmenzel@...gen.mpg.de>
Kind regards,
Paul
Powered by blists - more mailing lists