Commit 97f7d3f9 authored Mar 23, 2026 by Kees Cook Committed by Rafael J. Wysocki Mar 23, 2026

ACPICA: Replace strncpy() with strscpy_pad() in acpi_ut_safe_strncpy()

Replace the deprecated[1] strncpy() with strscpy_pad() in
acpi_ut_safe_strncpy().

The function is a "safe strncpy" wrapper that does
strncpy(dest, source, dest_size) followed by manual NUL-termination
at dest[dest_size - 1]. strscpy_pad() is a direct replacement: it
NUL-terminates, zero-pads the remainder, and the manual termination
is no longer needed.

All callers pass NUL-terminated source strings (C string literals,
__FILE__ via ACPI_MODULE_NAME, or user-provided filenames that have
already been validated). The destinations are fixed-size char arrays
in ACPICA internal structures (allocation->module, aml_op_name,
acpi_gbl_db_debug_filename), all consumed as C strings.

No behavioral change: strscpy_pad() produces identical output to
strncpy() + manual NUL-termination for NUL-terminated sources that
are shorter than dest_size. For sources longer than dest_size,
strncpy() wrote dest_size non-NUL bytes then the manual termination
overwrote the last byte with NUL; strscpy_pad() writes dest_size-1
bytes plus NUL: same result.

Link: https://github.com/KSPP/linux/issues/90

 [1]
Signed-off-by: Kees Cook <kees@kernel.org>
Link: https://patch.msgid.link/20260323172451.work.079-kees@kernel.org


Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>

parent c3692998

drivers/acpi/acpica/utnonansi.c

+1 −2

Original line number	Diff line number	Diff line
		@@ -168,8 +168,7 @@ void acpi_ut_safe_strncpy(char dest, char source, acpi_size dest_size)
		{
		/* Always terminate destination string */

		strncpy(dest, source, dest_size);
		dest[dest_size - 1] = 0;
		strscpy_pad(dest, source, dest_size);
		}

		#endif