strscpy: reject buffer sizes larger than INT_MAX

As already done for snprintf(), add a check in strscpy() for giant (i.e. likely negative and/or miscalculated) copy sizes, WARN, and error out. Link: http://lkml.kernel.org/r/201907260928.23DE35406@keescook Signed-off-by: Kees Cook <[email protected]> Cc: Joe Perches <[email protected]> Cc: Rasmus Villemoes <[email protected]> Cc: Yann Droneaud <[email protected]> Cc: David Laight <[email protected]> Cc: Jonathan Corbet <[email protected]> Cc: Stephen Kitt <[email protected]> Cc: Jann Horn <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
author: Kees Cook <[email protected]> 2019-09-25 16:46:20 -0700
committer: Linus Torvalds <[email protected]> 2019-09-25 17:51:39 -0700
commit: 9a156466147b61504f4cbe97ea503e67c21e117a (patch)
tree: 25f41cd13e244c58bdf536c601225a05daa4caa9
parent: d1a445d3b86c9341ce7a0954c23be0edb5c9bec5 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/string.c b/lib/string.c
index f7bc10da4259..cd7a10c19210 100644
--- a/lib/string.c
+++ b/lib/string.c
@@ -183,7 +183,7 @@ ssize_t strscpy(char *dest, const char *src, size_t count)
 	size_t max = count;
 	long res = 0;
 
-	if (count == 0)
+	if (count == 0 || WARN_ON_ONCE(count > INT_MAX))
 		return -E2BIG;
 
 #ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
author	Kees Cook <[email protected]>	2019-09-25 16:46:20 -0700
committer	Linus Torvalds <[email protected]>	2019-09-25 17:51:39 -0700
commit	9a156466147b61504f4cbe97ea503e67c21e117a (patch)
tree	25f41cd13e244c58bdf536c601225a05daa4caa9
parent	d1a445d3b86c9341ce7a0954c23be0edb5c9bec5 (diff)