| Message ID | 20230920-strncpy-drivers-i2c-busses-i2c-cp2615-c-v1-1-11406a996794@google.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | e2def33f9ee1b1a8cda4ec5cde69840b5708f068 |
| Headers | show |
| Series | i2c: cp2615: replace deprecated strncpy with strscpy | expand |
On Wed, Sep 20, 2023 at 08:08:52AM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > We should prefer more robust and less ambiguous string interfaces. > > We expect name to be NUL-terminated based on its numerous uses with > functions that expect NUL-terminated strings. > > For example in i2c-core-base.c +1533: > | dev_dbg(&adap->dev, "adapter [%s] registered\n", adap->name); > > NUL-padding is not required as `adap` is already zero-alloacted with: > | adap = devm_kzalloc(&usbif->dev, sizeof(struct i2c_adapter), GFP_KERNEL); > > With the above in mind, a suitable replacement is `strscpy` [2] due to > the fact that it guarantees NUL-termination on the destination buffer > without unnecessarily NUL-padding. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Thanks for the clear commit log! Looks good to me. Reviewed-by: Kees Cook <keescook@chromium.org>
On Wed, Sep 20, 2023 at 08:08:52AM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > We should prefer more robust and less ambiguous string interfaces. > > We expect name to be NUL-terminated based on its numerous uses with > functions that expect NUL-terminated strings. > > For example in i2c-core-base.c +1533: > | dev_dbg(&adap->dev, "adapter [%s] registered\n", adap->name); > > NUL-padding is not required as `adap` is already zero-alloacted with: > | adap = devm_kzalloc(&usbif->dev, sizeof(struct i2c_adapter), GFP_KERNEL); > > With the above in mind, a suitable replacement is `strscpy` [2] due to > the fact that it guarantees NUL-termination on the destination buffer > without unnecessarily NUL-padding. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Applied to for-next, thanks!
diff --git a/drivers/i2c/busses/i2c-cp2615.c b/drivers/i2c/busses/i2c-cp2615.c index 3ded28632e4c..20f8f7c9a8cd 100644 --- a/drivers/i2c/busses/i2c-cp2615.c +++ b/drivers/i2c/busses/i2c-cp2615.c @@ -298,7 +298,7 @@ cp2615_i2c_probe(struct usb_interface *usbif, const struct usb_device_id *id) if (!adap) return -ENOMEM; - strncpy(adap->name, usbdev->serial, sizeof(adap->name) - 1); + strscpy(adap->name, usbdev->serial, sizeof(adap->name)); adap->owner = THIS_MODULE; adap->dev.parent = &usbif->dev; adap->dev.of_node = usbif->dev.of_node;
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We should prefer more robust and less ambiguous string interfaces. We expect name to be NUL-terminated based on its numerous uses with functions that expect NUL-terminated strings. For example in i2c-core-base.c +1533: | dev_dbg(&adap->dev, "adapter [%s] registered\n", adap->name); NUL-padding is not required as `adap` is already zero-alloacted with: | adap = devm_kzalloc(&usbif->dev, sizeof(struct i2c_adapter), GFP_KERNEL); With the above in mind, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> --- drivers/i2c/busses/i2c-cp2615.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- base-commit: 2cf0f715623872823a72e451243bbf555d10d032 change-id: 20230920-strncpy-drivers-i2c-busses-i2c-cp2615-c-aada0fe2aa71 Best regards, -- Justin Stitt <justinstitt@google.com>