diff options
| author | Justin Stitt <[email protected]> | 2023-10-03 21:01:58 +0000 |
|---|---|---|
| committer | Kees Cook <[email protected]> | 2023-11-30 13:38:50 -0800 |
| commit | d4011f6817ae85e42874af705fec866fec7c4ecf (patch) | |
| tree | 3ffa2ac9dfa3abc5bdb23cb77e85329b6249980e /lib/test_fortify/write_overflow-strncpy-src.c | |
| parent | 40b2519d7566266d7eafd3c5232c73a497640bca (diff) | |
HID: uhid: replace deprecated strncpy with strscpy
`strncpy` is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.
A suitable replacement is `strscpy` [2] due to the fact that it
guarantees NUL-termination on the destination buffer without
unnecessarily NUL-padding.
Furthermore, let's make sure `hid->xyz` and `ev->u.create2.xyz` are the
same size at compile time to prevent silent truncation.
With these changes, it is abundantly clear what the intent and behavior
of the code is -- We are getting a string to string copy with
NUL-termination and no truncation.
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: [email protected]
Cc: Kees Cook <[email protected]>
Signed-off-by: Justin Stitt <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Kees Cook <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strncpy-src.c')
0 files changed, 0 insertions, 0 deletions