Commit 94755a0
udf: replace deprecated strncpy/strcpy with strscpy
strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces. Also replace an instance of strcpy() which is also
deprecated.
s_volume_ident is a NUL-terminated string which is evident from its
usage in udf_debug:
| udf_debug("volIdent[] = '%s'\n", UDF_SB(sb)->s_volume_ident);
s_volume_ident should also be NUL-padded as it is copied out to
userspace:
| if (copy_to_user((char __user *)arg,
| UDF_SB(inode->i_sb)->s_volume_ident, 32))
| return -EFAULT;
Considering the above, a suitable replacement is `strscpy_pad` [2] due
to the fact that it guarantees both NUL-termination and NUL-padding on
the destination buffer.
To simplify the code, let's use the new 2-argument version of
strscpy_pad() introduced in Commit e6584c3 ("string: Allow
2-argument strscpy()"). Also zero-allocate @outstr so we can safely use
a non-@ret length argument. This is just in case udf_dstrCS0toChar()
doesn't include the NUL-byte in its return length, we won't truncate
@outstr or write garbage bytes either.
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: KSPP/linux#90
Cc: [email protected]
Signed-off-by: Justin Stitt <[email protected]>
Signed-off-by: Jan Kara <[email protected]>
Message-Id: <[email protected]>1 parent 8777446 commit 94755a0
1 file changed
+3
-3
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
895 | 895 | | |
896 | 896 | | |
897 | 897 | | |
898 | | - | |
| 898 | + | |
899 | 899 | | |
900 | 900 | | |
901 | 901 | | |
| |||
921 | 921 | | |
922 | 922 | | |
923 | 923 | | |
924 | | - | |
| 924 | + | |
925 | 925 | | |
926 | 926 | | |
927 | 927 | | |
928 | | - | |
| 928 | + | |
929 | 929 | | |
930 | 930 | | |
931 | 931 | | |
| |||
0 commit comments