From: Thorsten Blum <thorsten.blum@linux.dev>
To: Tyler Hicks <code@tyhicks.com>,
Thorsten Blum <thorsten.blum@linux.dev>,
Eric Biggers <ebiggers@kernel.org>,
Christian Brauner <brauner@kernel.org>,
Ard Biesheuvel <ardb@kernel.org>,
Baolin Liu <liubaolin@kylinos.cn>,
Slark Xiao <slark_xiao@163.com>
Cc: ecryptfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH] ecryptfs: Replace memcpy + manual NUL termination with strscpy
Date: Sun, 18 Jan 2026 18:30:49 +0100 [thread overview]
Message-ID: <20260118173055.1197250-1-thorsten.blum@linux.dev> (raw)
Use strscpy() to copy the NUL-terminated '->token.password.signature'
and 'sig' to the destination buffers instead of using memcpy() followed
by manual NUL terminations.
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
fs/ecryptfs/debug.c | 5 ++---
fs/ecryptfs/keystore.c | 6 ++----
2 files changed, 4 insertions(+), 7 deletions(-)
diff --git a/fs/ecryptfs/debug.c b/fs/ecryptfs/debug.c
index cf6d0e8e25a1..006ab871cda9 100644
--- a/fs/ecryptfs/debug.c
+++ b/fs/ecryptfs/debug.c
@@ -7,6 +7,7 @@
* Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
*/
+#include <linux/string.h>
#include "ecryptfs_kernel.h"
/*
@@ -34,9 +35,7 @@ void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok)
ECRYPTFS_PERSISTENT_PASSWORD) {
ecryptfs_printk(KERN_DEBUG, " * persistent\n");
}
- memcpy(sig, auth_tok->token.password.signature,
- ECRYPTFS_SIG_SIZE_HEX);
- sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
+ strscpy(sig, auth_tok->token.password.signature);
ecryptfs_printk(KERN_DEBUG, " * signature = [%s]\n", sig);
}
ecryptfs_printk(KERN_DEBUG, " * session_key.flags = [0x%x]\n",
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index bbf8603242fa..a615489e5a17 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -2457,8 +2457,7 @@ int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig)
if (!new_key_sig)
return -ENOMEM;
- memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX);
- new_key_sig->keysig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
+ strscpy(new_key_sig->keysig, sig);
/* Caller must hold keysig_list_mutex */
list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list);
@@ -2478,9 +2477,8 @@ ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
if (!new_auth_tok)
return -ENOMEM;
- memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX);
+ strscpy(new_auth_tok->sig, sig);
new_auth_tok->flags = global_auth_tok_flags;
- new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
list_add(&new_auth_tok->mount_crypt_stat_list,
&mount_crypt_stat->global_auth_tok_list);
--
Thorsten Blum <thorsten.blum@linux.dev>
GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4
reply other threads:[~2026-01-18 17:31 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260118173055.1197250-1-thorsten.blum@linux.dev \
--to=thorsten.blum@linux.dev \
--cc=ardb@kernel.org \
--cc=brauner@kernel.org \
--cc=code@tyhicks.com \
--cc=ebiggers@kernel.org \
--cc=ecryptfs@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=liubaolin@kylinos.cn \
--cc=slark_xiao@163.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox