| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8f550b4e-2b7e-4266-be92-bb724265949f@gmail.com> Date: Tue, 14 Oct 2025 12:10:50 -0400 From: Vivek BalachandharTN <vivek.balachandhar@...il.com> To: Dan Carpenter <dan.carpenter@...aro.org> Cc: gregkh@...uxfoundation.org, johan@...nel.org, elder@...nel.org, schopin@...ntu.com, me@...y.me, greybus-dev@...ts.linaro.org, linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org Subject: Re: [PATCH] staging: greybus: documentation: replace strncpy() with strscpy_pad() Hi Dan, Thanks again—confirmed the structs are zero-initialized before the copy. Would a minimal fix that guarantees NUL-termination be acceptable, e.g.: strncpy((char *)&intf_load.firmware_tag, firmware_tag, GB_FIRMWARE_U_TAG_MAX_SIZE - 1); ((char *)&intf_load.firmware_tag)[GB_FIRMWARE_U_TAG_MAX_SIZE - 1] = '\0'; I can respin as v2 with the same change applied to the other two firmware_tag fields. Best regards, Vivek On 2025-10-14 10:15 a.m., Dan Carpenter wrote: > On Tue, Oct 14, 2025 at 10:01:28AM -0400, Vivek BalachandharTN wrote: >> Yes, Dan. Nice catch. Building it with below sample change: >> >> memset(&intf_load.firmware_tag, 0, GB_FIRMWARE_U_TAG_MAX_SIZE); >> strncpy((char *)&intf_load.firmware_tag, firmware_tag, >> GB_FIRMWARE_U_TAG_MAX_SIZE - 1); > There isn't a need to doing the memset()... > > regards, > dan carpenter >
Powered by blists - more mailing lists