| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <689c9c64ef692_12a3a92943f@willemb.c.googlers.com.notmuch> Date: Wed, 13 Aug 2025 10:08:36 -0400 From: Willem de Bruijn <willemdebruijn.kernel@...il.com> To: Miguel García Román <miguelgarciaroman8@...il.com>, Willem de Bruijn <willemdebruijn.kernel@...il.com> Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org, jasowang@...hat.com, andrew+netdev@...n.ch, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, skhan@...uxfoundation.org Subject: Re: [PATCH net-next v2] tun: replace strcpy with strscpy for ifr_name Miguel García Román wrote: > Thanks Willem. Should I resend with your Reviewed-by tag or will it be > picked up when applied? No need. Also see other patches under review, and especially read https://www.kernel.org/doc/html/next/process/submitting-patches.html Note the comment on top posting. > El mié, 13 ago 2025 a las 15:06, Willem de Bruijn > (<willemdebruijn.kernel@...il.com>) escribió: > > > > Miguel García wrote: > > > Replace the strcpy() calls that copy the device name into ifr->ifr_name > > > with strscpy() to avoid potential overflows and guarantee NULL termination. > > > > > > Destination is ifr->ifr_name (size IFNAMSIZ). > > > > > > Tested in QEMU (BusyBox rootfs): > > > - Created TUN devices via TUNSETIFF helper > > > - Set addresses and brought links up > > > - Verified long interface names are safely truncated (IFNAMSIZ-1) > > > > > > Signed-off-by: Miguel García <miguelgarciaroman8@...il.com> > > > > Reviewed-by: Willem de Bruijn <willemb@...gle.com>
Powered by blists - more mailing lists