| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <451b7aaf-86d0-4a0d-9578-b76c3a7886d5@gmail.com> Date: Tue, 14 Oct 2025 19:53:05 -0400 From: Vivek BalachandharTN <vivek.balachandhar@...il.com> To: Dan Carpenter <dan.carpenter@...aro.org> Cc: gregkh@...uxfoundation.org, johan@...nel.org, elder@...nel.org, schopin@...ntu.com, me@...y.me, greybus-dev@...ts.linaro.org, linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org Subject: Re: [PATCH] staging: greybus: documentation: replace strncpy() with strscpy_pad() Hi Dan, Thanks for clarifying. That makes sense — since the struct starts zeroed and the last byte remains untouched, the current code is already safe. I’ll drop this patch. Appreciate the quick guidance. Best Vivek On 2025-10-14 1:13 p.m., Dan Carpenter wrote: > On Tue, Oct 14, 2025 at 12:10:50PM -0400, Vivek BalachandharTN wrote: >> Hi Dan, >> >> Thanks again—confirmed the structs are zero-initialized before the copy. >> >> Would a minimal fix that guarantees NUL-termination be acceptable, e.g.: >> >> strncpy((char *)&intf_load.firmware_tag, firmware_tag, >> GB_FIRMWARE_U_TAG_MAX_SIZE - 1); >> ((char *)&intf_load.firmware_tag)[GB_FIRMWARE_U_TAG_MAX_SIZE - 1] = '\0'; >> >> I can respin as v2 with the same change applied to the other two >> firmware_tag >> fields. > Sorry, I should have explained this at the start... The struct is > initialized to zero. The strncpy() copies at most > "GB_FIRMWARE_U_TAG_MAX_SIZE - 1" characters, meaning we never copy > anything to the last character which stays as zero. > > regards, > dan carpenter >
Powered by blists - more mailing lists