NFS: Prefer strscpy over strlcpy calls

strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. Check for strscpy()'s return value of -E2BIG on truncate for safe replacement with strlcpy(). This is part of a tree-wide cleanup to remove the strlcpy() function entirely from the kernel [2]. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230512155749.1356958-1-azeemshaikh38@gmail.com
author: Azeem Shaikh <azeemshaikh38@gmail.com> 2023-05-12 18:57:49 +0300
committer: Kees Cook <keescook@chromium.org> 2023-05-22 22:34:41 +0300
commit: 8ca25e00cf817b635f4e80d59b6d07686d74eff0 (patch)
tree: e76d69eb0c39ac4a18970023949fe67b863d0367
parent: 30ad0627f169f56180e668e7223eaa43aa190a75 (diff)
download: linux-8ca25e00cf817b635f4e80d59b6d07686d74eff0.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/nfs/nfsroot.c b/fs/nfs/nfsroot.c
index 620329b7e6ae..7600100ba26f 100644
--- a/fs/nfs/nfsroot.c
+++ b/fs/nfs/nfsroot.c
@@ -164,7 +164,7 @@ __setup("nfsroot=", nfs_root_setup);
 static int __init root_nfs_copy(char *dest, const char *src,
 				     const size_t destlen)
 {
-	if (strlcpy(dest, src, destlen) > destlen)
+	if (strscpy(dest, src, destlen) == -E2BIG)
 		return -1;
 	return 0;
 }
author	Azeem Shaikh <azeemshaikh38@gmail.com>	2023-05-12 18:57:49 +0300
committer	Kees Cook <keescook@chromium.org>	2023-05-22 22:34:41 +0300
commit	8ca25e00cf817b635f4e80d59b6d07686d74eff0 (patch)
tree	e76d69eb0c39ac4a18970023949fe67b863d0367
parent	30ad0627f169f56180e668e7223eaa43aa190a75 (diff)
download	linux-8ca25e00cf817b635f4e80d59b6d07686d74eff0.tar.xz