net: sched: Replace strlcpy with strscpy

azeemshaikh38 · davem330 · commit 989b52cdc849 · 2023-07-10T08:23:53.000+01:00
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). Direct replacement is safe here since return value of -errno is used to check for truncation instead of sizeof(dest). [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] KSPP#89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Pavan Chebbi <pavan.chebbi@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
@@ -1320,7 +1320,7 @@ struct tc_action_ops *tc_action_load_ops(struct nlattr *nla, bool police,
 			return ERR_PTR(err);
 		}
 	} else {
-		if (strlcpy(act_name, "police", IFNAMSIZ) >= IFNAMSIZ) {
+		if (strscpy(act_name, "police", IFNAMSIZ) < 0) {
 			NL_SET_ERR_MSG(extack, "TC action name too long");
 			return ERR_PTR(-EINVAL);
 		}

Original file line number	Diff line number	Diff line change
`@@ -1320,7 +1320,7 @@ struct tc_action_ops tc_action_load_ops(struct nlattr nla, bool police,`
`1320`	`1320`	`return ERR_PTR(err);`
`1321`	`1321`	`}`
`1322`	`1322`	`} else {`
`1323`		`- if (strlcpy(act_name, "police", IFNAMSIZ) >= IFNAMSIZ) {`
	`1323`	`+ if (strscpy(act_name, "police", IFNAMSIZ) < 0) {`
`1324`	`1324`	`NL_SET_ERR_MSG(extack, "TC action name too long");`
`1325`	`1325`	`return ERR_PTR(-EINVAL);`
`1326`	`1326`	`}`