NFS: Prefer strscpy over strlcpy calls

strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. Check for strscpy()'s return value of -E2BIG on truncate for safe replacement with strlcpy(). This is part of a tree-wide cleanup to remove the strlcpy() function entirely from the kernel [2]. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230512155749.1356958-1-azeemshaikh38@gmail.com
2024-09-20 23:13:00 +00:00 · 2023-05-12 15:57:49 +00:00 · 2023-05-12 15:57:49 +00:00 · 8ca25e00cf
commit 8ca25e00cf
parent 30ad0627f1
1 changed files with 1 additions and 1 deletions
--- a/fs/nfs/nfsroot.c
+++ b/fs/nfs/nfsroot.c
@ -164,7 +164,7 @@ __setup("nfsroot=", nfs_root_setup);
 static int __init root_nfs_copy(char *dest, const char *src,
 				     const size_t destlen)
 {
-	if (strlcpy(dest, src, destlen) > destlen)
+	if (strscpy(dest, src, destlen) == -E2BIG)
 		return -1;
 	return 0;
 }