Commit c152737b authored Nov 15, 2024 by Abdul Rahim Committed by Ilya Dryomov Nov 18, 2024

ceph: Use strscpy() instead of strcpy() in __get_snap_name()

strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors [1].

This fixes checkpatch warning:
    WARNING: Prefer strscpy over strcpy

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy



[ idryomov: formatting ]

Signed-off-by: Abdul Rahim <abdul.rahim@myyahoo.com>
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>

parent e50f960b

fs/ceph/export.c

+7 −1

Original line number	Diff line number	Diff line
		@@ -452,7 +452,13 @@ static int __get_snap_name(struct dentry parent, char name,
		goto out;
		if (ceph_snap(inode) == CEPH_SNAPDIR) {
		if (ceph_snap(dir) == CEPH_NOSNAP) {
		strcpy(name, fsc->mount_options->snapdir_name);
		/*
		* .get_name() from struct export_operations
		* assumes that its 'name' parameter is pointing
		* to a NAME_MAX+1 sized buffer
		*/
		strscpy(name, fsc->mount_options->snapdir_name,
		NAME_MAX + 1);
		err = 0;
		}
		goto out;