Message ID | 20240320-strncpy-drivers-video-fbdev-fsl-diu-fb-c-v1-1-3cd3c012fa8c@google.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | video: fbdev: fsl-diu-fb: replace deprecated strncpy with strscpy_pad | expand |
On Wed, Mar 20, 2024 at 10:48:50PM +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > A better alternative is strscpy() as it guarantees NUL-termination on > the destination buffer. > > Since we are eventually copying over to userspace, let's ensure we > NUL-pad the destination buffer by using the pad variant of strscpy. > - core/fb_chrdev.c: > 234 | err = copy_to_user(&fix32->id, &fix->id, sizeof(fix32->id)); > > Furthermore, we can use the new 2-argument variants of strscpy() and > strscpy_pad() introduced by Commit e6584c3964f2f ("string: Allow > 2-argument strscpy()") to simplify the syntax even more. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Kees Cook <keescook@chromium.org>
diff --git a/drivers/video/fbdev/fsl-diu-fb.c b/drivers/video/fbdev/fsl-diu-fb.c index 0191141657fd..ea37a60da10c 100644 --- a/drivers/video/fbdev/fsl-diu-fb.c +++ b/drivers/video/fbdev/fsl-diu-fb.c @@ -787,7 +787,7 @@ static void set_fix(struct fb_info *info) struct fb_var_screeninfo *var = &info->var; struct mfb_info *mfbi = info->par; - strncpy(fix->id, mfbi->id, sizeof(fix->id)); + strscpy_pad(fix->id, mfbi->id); fix->line_length = var->xres_virtual * var->bits_per_pixel / 8; fix->type = FB_TYPE_PACKED_PIXELS; fix->accel = FB_ACCEL_NONE;
strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. A better alternative is strscpy() as it guarantees NUL-termination on the destination buffer. Since we are eventually copying over to userspace, let's ensure we NUL-pad the destination buffer by using the pad variant of strscpy. - core/fb_chrdev.c: 234 | err = copy_to_user(&fix32->id, &fix->id, sizeof(fix32->id)); Furthermore, we can use the new 2-argument variants of strscpy() and strscpy_pad() introduced by Commit e6584c3964f2f ("string: Allow 2-argument strscpy()") to simplify the syntax even more. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> --- Note: build-tested only. Found with: $ rg "strncpy\(" --- drivers/video/fbdev/fsl-diu-fb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- base-commit: bf3a69c6861ff4dc7892d895c87074af7bc1c400 change-id: 20240319-strncpy-drivers-video-fbdev-fsl-diu-fb-c-b69036ceb3f4 Best regards, -- Justin Stitt <justinstitt@google.com>