diff options
| author | Azeem Shaikh <azeemshaikh38@gmail.com> | 2023-06-13 00:34:04 +0000 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2023-06-14 12:32:19 +0200 |
| commit | f3c21ed9ce17438b9b6fb4a959640c486cabda24 (patch) | |
| tree | b4da7ac9a6113effae9f3e6cbb7963373edf4bf7 | |
| parent | 0ffe85885b31ac0308bb13a31eec6a441e2a2d77 (diff) | |
| download | lwn-f3c21ed9ce17438b9b6fb4a959640c486cabda24.tar.gz lwn-f3c21ed9ce17438b9b6fb4a959640c486cabda24.zip | |
wifi: mac80211: Replace strlcpy with strscpy
strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
Direct replacement is safe here since LOCAL_ASSIGN is only used by
TRACE macros and the return values are ignored.
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89
Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20230613003404.3538524-1-azeemshaikh38@gmail.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
| -rw-r--r-- | net/mac80211/trace.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/mac80211/trace.h b/net/mac80211/trace.h index e5edf6fe576f..b8c53b4a710b 100644 --- a/net/mac80211/trace.h +++ b/net/mac80211/trace.h @@ -17,7 +17,7 @@ #define MAXNAME 32 #define LOCAL_ENTRY __array(char, wiphy_name, 32) -#define LOCAL_ASSIGN strlcpy(__entry->wiphy_name, wiphy_name(local->hw.wiphy), MAXNAME) +#define LOCAL_ASSIGN strscpy(__entry->wiphy_name, wiphy_name(local->hw.wiphy), MAXNAME) #define LOCAL_PR_FMT "%s" #define LOCAL_PR_ARG __entry->wiphy_name |