| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251119135217.233084-1-thorsten.blum@linux.dev>
Date: Wed, 19 Nov 2025 14:52:17 +0100
From: Thorsten Blum <thorsten.blum@...ux.dev>
To: Ivan Orlov <ivan.orlov0322@...il.com>,
Jaroslav Kysela <perex@...ex.cz>,
Takashi Iwai <tiwai@...e.com>
Cc: Thorsten Blum <thorsten.blum@...ux.dev>,
linux-sound@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] ALSA: pcmtest: Replace deprecated strcpy with strscpy_pad in setup_patt_bufs
strcpy() has been deprecated [1] because it performs no bounds checking
on the destination buffer, which can lead to buffer overflows. Replace
it with the safer strscpy_pad(), and use kmalloc() instead of kzalloc()
because strscpy_pad() zero-pads the destination buffer and therefore
avoids writing to it twice.
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
---
sound/drivers/pcmtest.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sound/drivers/pcmtest.c b/sound/drivers/pcmtest.c
index 19b3f306c564..b8474631f0b5 100644
--- a/sound/drivers/pcmtest.c
+++ b/sound/drivers/pcmtest.c
@@ -696,10 +696,10 @@ static int setup_patt_bufs(void)
size_t i;
for (i = 0; i < ARRAY_SIZE(patt_bufs); i++) {
- patt_bufs[i].buf = kzalloc(MAX_PATTERN_LEN, GFP_KERNEL);
+ patt_bufs[i].buf = kmalloc(MAX_PATTERN_LEN, GFP_KERNEL);
if (!patt_bufs[i].buf)
break;
- strcpy(patt_bufs[i].buf, DEFAULT_PATTERN);
+ strscpy_pad(patt_bufs[i].buf, DEFAULT_PATTERN, MAX_PATTERN_LEN);
patt_bufs[i].len = DEFAULT_PATTERN_LEN;
}
--
2.51.1
Powered by blists - more mailing lists