Commit 20d09975 authored May 30, 2023 by Azeem Shaikh Committed by Jens Axboe Jun 01, 2023

block: Replace all non-returning strlcpy with strscpy

strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89



Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20230530155608.272266-1-azeemshaikh38@gmail.com


Signed-off-by: Jens Axboe <axboe@kernel.dk>

parent 5a0ac57c

block/blk-cgroup-fc-appid.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -34,7 +34,7 @@ int blkcg_set_fc_appid(char *app_id, u64 cgrp_id, size_t app_id_len)
		* the vmid from the fabric.
		* Adding the overhead of a lock is not necessary.
		*/
		strlcpy(blkcg->fc_app_id, app_id, app_id_len);
		strscpy(blkcg->fc_app_id, app_id, app_id_len);
		css_put(css);
		out_cgrp_put:
		cgroup_put(cgrp);

block/elevator.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -751,7 +751,7 @@ ssize_t elv_iosched_store(struct request_queue q, const char buf,
		if (!elv_support_iosched(q))
		return count;

		strlcpy(elevator_name, buf, sizeof(elevator_name));
		strscpy(elevator_name, buf, sizeof(elevator_name));
		ret = elevator_change(q, strstrip(elevator_name));
		if (!ret)
		return count;

block/genhd.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -253,7 +253,7 @@ int __register_blkdev(unsigned int major, const char *name,
		#ifdef CONFIG_BLOCK_LEGACY_AUTOLOAD
		p->probe = probe;
		#endif
		strlcpy(p->name, name, sizeof(p->name));
		strscpy(p->name, name, sizeof(p->name));
		p->next = NULL;
		index = major_to_index(major);