diff options
| author | Azeem Shaikh <[email protected]> | 2023-05-10 21:24:57 +0000 |
|---|---|---|
| committer | Andrew Morton <[email protected]> | 2023-06-09 17:44:13 -0700 |
| commit | 9e627588bf91174d8903f5550dc4cffc5c348247 (patch) | |
| tree | 35ff237db9a9ff5e3c831cb966827cf8a21211ca | |
| parent | 35a609a82c17b460fde063f8f4a6514441360cfd (diff) | |
procfs: replace all non-returning strlcpy with strscpy
strlcpy() reads the entire source buffer first. This read may exceed the
destination size limit. This is both inefficient and can lead to linear
read overflows if a source string is not NUL-terminated [1]. In an effort
to remove strlcpy() completely [2], replace strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89
Link: https://lkml.kernel.org/r/[email protected]
Signed-off-by: Azeem Shaikh <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Reviewed-by: Alexey Dobriyan <[email protected]>
Cc: Baoquan He <[email protected]>
Cc: David Hildenbrand <[email protected]>
Cc: Kefeng Wang <[email protected]>
Cc: Liu Shixin <[email protected]>
Cc: Lorenzo Stoakes <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
| -rw-r--r-- | fs/proc/kcore.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c index 25b44b303b35..5d0cf59c4926 100644 --- a/fs/proc/kcore.c +++ b/fs/proc/kcore.c @@ -419,7 +419,7 @@ static ssize_t read_kcore_iter(struct kiocb *iocb, struct iov_iter *iter) char *notes; size_t i = 0; - strlcpy(prpsinfo.pr_psargs, saved_command_line, + strscpy(prpsinfo.pr_psargs, saved_command_line, sizeof(prpsinfo.pr_psargs)); notes = kzalloc(notes_len, GFP_KERNEL); |