lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAPRMd3mRUi+ESqDy04c-r38JoSWxo8Ka0Et9gZbe+jRrL6G_nQ@mail.gmail.com>
Date: Sun, 27 Apr 2025 00:56:14 +0530
From: Shankari <shankari.ak0208@...il.com>
To: netdev@...r.kernel.org
Subject: Re: [PATCH v2] net: rds: Replace strncpy with strscpy in connection setup

Hi Jacub,

I have implemented the changes in the v2 patch. Thanks for your review.

On Sun, Apr 27, 2025 at 12:51 AM Shankari Anand
<shankari.ak0208@...il.com> wrote:
>
> From: Shankari02 <shankari.ak0208@...il.com>
>
> This patch replaces strncpy() with strscpy(), which is the preferred, safer
> alternative for bounded string copying in the Linux kernel. strscpy() guarantees
> null-termination as long as the destination buffer is non-zero in size and provides
> a return value to detect truncation.
>
> Padding of the 'transport' field is not necessary because it is treated purely
> as a null-terminated string and is not used for binary comparisons or direct
> memory operations that would rely on padding. Therefore, switching to strscpy()
> is safe and appropriate here.
>
> This change is made in accordance with the Linux kernel documentation, which
> marks strncpy() as deprecated for bounded string operations:
> https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy
>
> Signed-off-by: Shankari Anand <shankari.ak0208@...il.com>
> ---
>  net/rds/connection.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/rds/connection.c b/net/rds/connection.c
> index c749c5525b40..fb2f14a1279a 100644
> --- a/net/rds/connection.c
> +++ b/net/rds/connection.c
> @@ -749,7 +749,7 @@ static int rds_conn_info_visitor(struct rds_conn_path *cp, void *buffer)
>         cinfo->laddr = conn->c_laddr.s6_addr32[3];
>         cinfo->faddr = conn->c_faddr.s6_addr32[3];
>         cinfo->tos = conn->c_tos;
> -       strncpy(cinfo->transport, conn->c_trans->t_name,
> +       strscpy(cinfo->transport, conn->c_trans->t_name,
>                 sizeof(cinfo->transport));
>         cinfo->flags = 0;
>
> @@ -775,7 +775,7 @@ static int rds6_conn_info_visitor(struct rds_conn_path *cp, void *buffer)
>         cinfo6->next_rx_seq = cp->cp_next_rx_seq;
>         cinfo6->laddr = conn->c_laddr;
>         cinfo6->faddr = conn->c_faddr;
> -       strncpy(cinfo6->transport, conn->c_trans->t_name,
> +       strscpy(cinfo6->transport, conn->c_trans->t_name,
>                 sizeof(cinfo6->transport));
>         cinfo6->flags = 0;
>
> --
> 2.34.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ