| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250819095915.711085-3-thorsten.blum@linux.dev>
Date: Tue, 19 Aug 2025 11:59:05 +0200
From: Thorsten Blum <thorsten.blum@...ux.dev>
To: Jason Wessel <jason.wessel@...driver.com>,
Daniel Thompson <danielt@...nel.org>,
Douglas Anderson <dianders@...omium.org>,
Nir Lichtman <nir@...htman.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Yuran Pereira <yuran.pereira@...mail.com>
Cc: linux-hardening@...r.kernel.org,
Thorsten Blum <thorsten.blum@...ux.dev>,
Daniel Thompson <daniel@...cstar.com>,
kgdb-bugreport@...ts.sourceforge.net,
linux-kernel@...r.kernel.org
Subject: [PATCH v2 3/4] kdb: Replace deprecated strcpy() with memcpy() in parse_grep()
strcpy() is deprecated; use memcpy() instead.
We can safely use memcpy() because we already know the length of the
source string 'cp' and that it is guaranteed to be NUL-terminated within
the first KDB_GREP_STRLEN bytes.
Link: https://github.com/KSPP/linux/issues/88
Reviewed-by: Douglas Anderson <dianders@...omium.org>
Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
---
kernel/debug/kdb/kdb_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
index 7a4d2d4689a5..cdf91976eb7c 100644
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -860,7 +860,7 @@ static void parse_grep(const char *str)
kdb_printf("search string too long\n");
return;
}
- strcpy(kdb_grep_string, cp);
+ memcpy(kdb_grep_string, cp, len + 1);
kdb_grepping_flag++;
return;
}
--
2.50.1
Powered by blists - more mailing lists