0d224b1088
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated[1]. Additionally, it returns the size of the source string, not the resulting size of the destination string. In an effort to remove strlcpy() completely[2], replace strlcpy() here with strscpy(). Overflow should be impossible here, but actually check for buffer sizes being identical with BUILD_BUG_ON(), and include a run-time check as well. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [1] Link: https://github.com/KSPP/linux/issues/89 [2] Cc: Martin K. Petersen <martin.petersen@oracle.com> Cc: James E.J. Bottomley <jejb@linux.ibm.com> Cc: Steffen Maier <maier@linux.ibm.com> Cc: Benjamin Block <bblock@linux.ibm.com> Cc: Heiko Carstens <hca@linux.ibm.com> Cc: Vasily Gorbik <gor@linux.ibm.com> Cc: Alexander Gordeev <agordeev@linux.ibm.com> Cc: Christian Borntraeger <borntraeger@linux.ibm.com> Cc: Sven Schnelle <svens@linux.ibm.com> Cc: Azeem Shaikh <azeemshaikh38@gmail.com> Cc: <linux-s390@vger.kernel.org> Cc: <linux-scsi@vger.kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20231130204056.it.978-kees@kernel.org Acked-by: Benjamin Block <bblock@linux.ibm.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> |
||
---|---|---|
.. | ||
Makefile | ||
zfcp_aux.c | ||
zfcp_ccw.c | ||
zfcp_dbf.c | ||
zfcp_dbf.h | ||
zfcp_def.h | ||
zfcp_diag.c | ||
zfcp_diag.h | ||
zfcp_erp.c | ||
zfcp_ext.h | ||
zfcp_fc.c | ||
zfcp_fc.h | ||
zfcp_fsf.c | ||
zfcp_fsf.h | ||
zfcp_qdio.c | ||
zfcp_qdio.h | ||
zfcp_reqlist.h | ||
zfcp_scsi.c | ||
zfcp_sysfs.c | ||
zfcp_unit.c |