| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <da04f02a3a94dee1d5a84f409245a56a358c566d.camel@oracle.com>
Date: Mon, 28 Apr 2025 23:25:16 +0000
From: Allison Henderson <allison.henderson@...cle.com>
To: "shankari.ak0208@...il.com" <shankari.ak0208@...il.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC: "horms@...nel.org" <horms@...nel.org>,
"shuah@...nel.org"
<shuah@...nel.org>,
"edumazet@...gle.com" <edumazet@...gle.com>,
"davem@...emloft.net" <davem@...emloft.net>,
"kuba@...nel.org"
<kuba@...nel.org>,
"pabeni@...hat.com" <pabeni@...hat.com>
Subject: Re: [PATCH v2] net: rds: Replace strncpy with strscpy in connection
setup
On Sun, 2025-04-27 at 00:51 +0530, Shankari Anand wrote:
> From: Shankari02 <shankari.ak0208@...il.com>
>
> This patch replaces strncpy() with strscpy(), which is the preferred, safer
> alternative for bounded string copying in the Linux kernel. strscpy() guarantees
> null-termination as long as the destination buffer is non-zero in size and provides
> a return value to detect truncation.
>
> Padding of the 'transport' field is not necessary because it is treated purely
> as a null-terminated string and is not used for binary comparisons or direct
> memory operations that would rely on padding. Therefore, switching to strscpy()
> is safe and appropriate here.
>
> This change is made in accordance with the Linux kernel documentation, which
> marks strncpy() as deprecated for bounded string operations:
> https://urldefense.com/v3/__https://www.kernel.org/doc/html/latest/process/deprecated.html*strcpy__;Iw!!ACWV5N9M2RV99hQ!JQ3FhnKPxlGvQkqNxOtHRJfVNmGFTbZV2VX0GApjASrhCXFfe0I_W27l08BCIavcbHWaiWZBbOA8JeMeVieuPuUgll4OXE0$
>
> Signed-off-by: Shankari Anand <shankari.ak0208@...il.com>
This looks fine to me. Thanks Shankari!
Reviewed-by: Allison Henderson <allison.henderson@...cle.com>
> ---
> net/rds/connection.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/rds/connection.c b/net/rds/connection.c
> index c749c5525b40..fb2f14a1279a 100644
> --- a/net/rds/connection.c
> +++ b/net/rds/connection.c
> @@ -749,7 +749,7 @@ static int rds_conn_info_visitor(struct rds_conn_path *cp, void *buffer)
> cinfo->laddr = conn->c_laddr.s6_addr32[3];
> cinfo->faddr = conn->c_faddr.s6_addr32[3];
> cinfo->tos = conn->c_tos;
> - strncpy(cinfo->transport, conn->c_trans->t_name,
> + strscpy(cinfo->transport, conn->c_trans->t_name,
> sizeof(cinfo->transport));
> cinfo->flags = 0;
>
> @@ -775,7 +775,7 @@ static int rds6_conn_info_visitor(struct rds_conn_path *cp, void *buffer)
> cinfo6->next_rx_seq = cp->cp_next_rx_seq;
> cinfo6->laddr = conn->c_laddr;
> cinfo6->faddr = conn->c_faddr;
> - strncpy(cinfo6->transport, conn->c_trans->t_name,
> + strscpy(cinfo6->transport, conn->c_trans->t_name,
> sizeof(cinfo6->transport));
> cinfo6->flags = 0;
>
Powered by blists - more mailing lists