From: Kees Cook <kees@kernel.org>
To: Thorsten Blum <thorsten.blum@linux.dev>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>,
Al Viro <viro@zeniv.linux.org.uk>,
linux-hardening@vger.kernel.org, linux-usb@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] USB: gadget: Replace deprecated strncpy() with strscpy()
Date: Mon, 7 Apr 2025 11:54:08 -0700 [thread overview]
Message-ID: <202504071153.46436ACBB@keescook> (raw)
In-Reply-To: <20250320165647.34859-2-thorsten.blum@linux.dev>
On Thu, Mar 20, 2025 at 05:56:44PM +0100, Thorsten Blum wrote:
> strncpy() is deprecated for NUL-terminated destination buffers; use
> strscpy() instead. Since kzalloc() already zeroes out the destination
> buffer, the potential NUL-padding by strncpy() is unnecessary. strscpy()
> copies only the required characters and guarantees NUL-termination.
Looks right to me; thanks for the details!
>
> Since the destination buffer has a fixed length, strscpy() automatically
> determines its size using sizeof() when the argument is omitted. This
> makes an explicit sizeof() call unnecessary.
>
> The source string is also NUL-terminated and meets the __must_be_cstr()
> requirement of strscpy().
>
> No functional changes intended.
>
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Reviewed-by: Kees Cook <kees@kernel.org>
> ---
> drivers/usb/gadget/legacy/inode.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c
> index b6a30d88a800..fcce84a726f2 100644
> --- a/drivers/usb/gadget/legacy/inode.c
> +++ b/drivers/usb/gadget/legacy/inode.c
> @@ -1615,7 +1615,7 @@ static int activate_ep_files (struct dev_data *dev)
> mutex_init(&data->lock);
> init_waitqueue_head (&data->wait);
>
> - strncpy (data->name, ep->name, sizeof (data->name) - 1);
> + strscpy(data->name, ep->name);
> refcount_set (&data->count, 1);
> data->dev = dev;
> get_dev (dev);
--
Kees Cook
prev parent reply other threads:[~2025-04-07 18:54 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-20 16:56 [PATCH] USB: gadget: Replace deprecated strncpy() with strscpy() Thorsten Blum
2025-04-07 18:54 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202504071153.46436ACBB@keescook \
--to=kees@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=krzysztof.kozlowski@linaro.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=thorsten.blum@linux.dev \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.