lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <f169ae3a-d50d-4eb3-a977-bb16270527bd@canonical.com>
Date: Thu, 6 Nov 2025 06:54:11 -0800
From: John Johansen <john.johansen@...onical.com>
To: Thorsten Blum <thorsten.blum@...ux.dev>, Paul Moore
 <paul@...l-moore.com>, James Morris <jmorris@...ei.org>,
 "Serge E. Hallyn" <serge@...lyn.com>
Cc: apparmor@...ts.ubuntu.com, linux-security-module@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH RESEND] apparmor: Replace deprecated strcpy in
 d_namespace_path

On 11/6/25 06:51, Thorsten Blum wrote:
> strcpy() is deprecated; replace it with a direct '/' assignment. The
> buffer is already NUL-terminated, so there is no need to copy an
> additional NUL terminator as strcpy() did.
> 
> Update the comment and add the local variable 'is_root' for clarity.
> 
> Link: https://github.com/KSPP/linux/issues/88
> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>

hey Thorsten,

sorry I have just been swamped, and traveling, ...
I will start on the patch backlog tonight

> ---
>   security/apparmor/path.c | 13 ++++++++-----
>   1 file changed, 8 insertions(+), 5 deletions(-)
> 
> diff --git a/security/apparmor/path.c b/security/apparmor/path.c
> index d6c74c357ffd..65a0ca5cc1bd 100644
> --- a/security/apparmor/path.c
> +++ b/security/apparmor/path.c
> @@ -164,12 +164,15 @@ static int d_namespace_path(const struct path *path, char *buf, char **name,
>   	}
>   
>   out:
> -	/*
> -	 * Append "/" to the pathname.  The root directory is a special
> -	 * case; it already ends in slash.
> +	/* Append "/" to directory paths, except for root "/" which
> +	 * already ends in a slash.
>   	 */
> -	if (!error && isdir && ((*name)[1] != '\0' || (*name)[0] != '/'))
> -		strcpy(&buf[aa_g_path_max - 2], "/");
> +	if (!error && isdir) {
> +		bool is_root = (*name)[0] == '/' && (*name)[1] == '\0';
> +
> +		if (!is_root)
> +			buf[aa_g_path_max - 2] = '/';
> +	}
>   
>   	return error;
>   }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ