From: David Laight <david.laight.linux@gmail.com>
To: Thorsten Blum <thorsten.blum@linux.dev>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] crypto: essiv - Replace memcpy() + NUL-termination with strscpy()
Date: Sun, 23 Mar 2025 10:20:57 +0000 [thread overview]
Message-ID: <20250323102057.79c810f1@pumpkin> (raw)
In-Reply-To: <20250316211504.39327-2-thorsten.blum@linux.dev>
On Sun, 16 Mar 2025 22:15:04 +0100
Thorsten Blum <thorsten.blum@linux.dev> wrote:
> Use strscpy() to copy the NUL-terminated string 'p' to the destination
> buffer instead of using memcpy() followed by a manual NUL-termination.
>
> No functional changes intended.
>
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> crypto/essiv.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/crypto/essiv.c b/crypto/essiv.c
> index 1c00c3324058..ec0ec8992c2d 100644
> --- a/crypto/essiv.c
> +++ b/crypto/essiv.c
> @@ -405,8 +405,7 @@ static bool parse_cipher_name(char *essiv_cipher_name, const char *cra_name)
> if (len >= CRYPTO_MAX_ALG_NAME)
> return false;
>
> - memcpy(essiv_cipher_name, p, len);
> - essiv_cipher_name[len] = '\0';
> + strscpy(essiv_cipher_name, p, len + 1);
That is just 'so wrong'.
The 'len' argument to strscpy() is supposed to be the length of the
buffer (in order to avoid overflow) not the number of characters.
In this case the bound check is before the copy (and the buffer assumed
to be the right size!)
So memcpy() + terminate is exactly correct.
The warning gcc emits for strncpy() when the length depends on the source
string is equally applicable to strscpy().
David
> return true;
> }
>
next prev parent reply other threads:[~2025-03-23 10:21 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-16 21:15 [PATCH] crypto: essiv - Replace memcpy() + NUL-termination with strscpy() Thorsten Blum
2025-03-21 11:07 ` Herbert Xu
2025-03-23 10:20 ` David Laight [this message]
2025-03-23 13:08 ` Thorsten Blum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250323102057.79c810f1@pumpkin \
--to=david.laight.linux@gmail.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=thorsten.blum@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox