| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250917205533.214336-1-mssola@mssola.com> Date: Wed, 17 Sep 2025 22:55:33 +0200 From: Miquel Sabaté Solà <mssola@...ola.com> To: miklos@...redi.hu Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, Miquel Sabaté Solà <mssola@...ola.com> Subject: [PATCH] fs: fuse: Use strscpy instead of strcpy As pointed out in [1], strcpy() is deprecated in favor of strscpy(). Furthermore, the length of the name to be copied is well known at this point since we are going to move the pointer by that much on the next line. Hence, it's safe to assume 'namelen' for the length of the string to be copied. [1] KSPP#88 Signed-off-by: Miquel Sabaté Solà <mssola@...ola.com> --- fs/fuse/dir.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 5c569c3cb53f..4982efa2c178 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -504,7 +504,7 @@ static int get_security_context(struct dentry *entry, umode_t mode, fctx->size = lsmctx.len; ptr += sizeof(*fctx); - strcpy(ptr, name); + strscpy(ptr, name, namelen); ptr += namelen; memcpy(ptr, lsmctx.context, lsmctx.len); -- 2.51.0
Powered by blists - more mailing lists