Commit 0529a804 authored by Thorsten Blum's avatar Thorsten Blum Committed by Tyler Hicks
Browse files

ecryptfs: Replace strcpy with strscpy in ecryptfs_validate_options 

strcpy() has been deprecated [1] because it performs no bounds checking
on the destination buffer, which can lead to buffer overflows. Replace
it with the safer strscpy().

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy

 [1]
Signed-off-by: default avatarThorsten Blum <thorsten.blum@linux.dev>
Signed-off-by: default avatarTyler Hicks <code@tyhicks.com>
parent c82f77a4

fs/ecryptfs/main.c

+5 −4
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ 
#include <linux/fs_stack.h>

#include <linux/sysfs.h>

#include <linux/slab.h>

#include <linux/string.h>

#include <linux/magic.h>

#include "ecryptfs_kernel.h"
@@ -354,12 +355,12 @@ static int ecryptfs_validate_options(struct fs_context *fc) 
		int cipher_name_len = strlen(ECRYPTFS_DEFAULT_CIPHER);



		BUG_ON(cipher_name_len > ECRYPTFS_MAX_CIPHER_NAME_SIZE);

		strcpy(mount_crypt_stat->global_default_cipher_name,

		strscpy(mount_crypt_stat->global_default_cipher_name,

			ECRYPTFS_DEFAULT_CIPHER);

	}

	if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)

	    && !ctx->fn_cipher_name_set)

		strcpy(mount_crypt_stat->global_default_fn_cipher_name,

		strscpy(mount_crypt_stat->global_default_fn_cipher_name,

			mount_crypt_stat->global_default_cipher_name);

	if (!ctx->cipher_key_bytes_set)

		mount_crypt_stat->global_default_cipher_key_size = 0;