[PATCH] staging: rtl8192e: prefer strscpy over strncpy

[PATCH] staging: rtl8192e: prefer strscpy over strncpy

[Michael Straube]

Replace strncpy with strscpy in two places where the destination buffer
should be NUL-terminated. Found by checkpatch.

WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90

Signed-off-by: Michael Straube <straube.linux@gmail.com>
---
 drivers/staging/rtl8192e/rtllib_softmac.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/rtl8192e/rtllib_softmac.c b/drivers/staging/rtl8192e/rtllib_softmac.c
index 0e52b207942d..bd19d6a2ce41 100644
--- a/drivers/staging/rtl8192e/rtllib_softmac.c
+++ b/drivers/staging/rtl8192e/rtllib_softmac.c
@@ -1564,7 +1564,7 @@ inline void rtllib_softmac_new_net(struct rtllib_device *ieee,
 				    (!strncmp(ieee->current_network.ssid,
 				    net->hidden_ssid, net->hidden_ssid_len));
 			if (net->hidden_ssid_len > 0) {
-				strncpy(net->ssid, net->hidden_ssid,
+				strscpy(net->ssid, net->hidden_ssid,
 					net->hidden_ssid_len);
 				net->ssid_len = net->hidden_ssid_len;
 				ssidbroad = 1;
@@ -2431,7 +2431,7 @@ static void rtllib_start_master_bss(struct rtllib_device *ieee)
 	ieee->assoc_id = 1;
 
 	if (ieee->current_network.ssid_len == 0) {
-		strncpy(ieee->current_network.ssid,
+		strscpy(ieee->current_network.ssid,
 			RTLLIB_DEFAULT_TX_ESSID,
 			IW_ESSID_MAX_SIZE);
 
-- 
2.41.0

Re: [PATCH] staging: rtl8192e: prefer strscpy over strncpy

[Greg KH]

On Sat, Aug 05, 2023 at 09:51:14AM +0200, Michael Straube wrote:
> Replace strncpy with strscpy in two places where the destination buffer
> should be NUL-terminated. Found by checkpatch.
> 
> WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90

If a global search/replace could be done, it would have happend a long
time ago.

How was this tested?  The functions work differently, are you sure there
is no change in functionality here?

thanks,

greg k-h

Re: [PATCH] staging: rtl8192e: prefer strscpy over strncpy

[Michael Straube]

On 8/9/23 14:21, Greg KH wrote:
> On Sat, Aug 05, 2023 at 09:51:14AM +0200, Michael Straube wrote:
>> Replace strncpy with strscpy in two places where the destination buffer
>> should be NUL-terminated. Found by checkpatch.
>>
>> WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90
> 
> If a global search/replace could be done, it would have happend a long
> time ago.
> 
> How was this tested?  The functions work differently, are you sure there
> is no change in functionality here?
> 

It was only compile tested. To me it looked as it does not change
functionality, but looking a bit deeper at it I'm not sure anymore.
So, we should leave it as is.

thank you
Michael

Re: [PATCH] staging: rtl8192e: prefer strscpy over strncpy

[Dan Carpenter]

On Wed, Aug 09, 2023 at 08:02:05PM +0200, Michael Straube wrote:
> On 8/9/23 14:21, Greg KH wrote:
> > On Sat, Aug 05, 2023 at 09:51:14AM +0200, Michael Straube wrote:
> > > Replace strncpy with strscpy in two places where the destination buffer
> > > should be NUL-terminated. Found by checkpatch.
> > > 
> > > WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90
> > 
> > If a global search/replace could be done, it would have happend a long
> > time ago.
> > 
> > How was this tested?  The functions work differently, are you sure there
> > is no change in functionality here?
> > 
> 
> It was only compile tested. To me it looked as it does not change
> functionality, but looking a bit deeper at it I'm not sure anymore.
> So, we should leave it as is.

So there are three main differences between strncpy() and strcpy().

1) The return.
2) strncpy() will always write net->hidden_ssid_len bytes.  If the
   string to copy is smaller than net->hidden_ssid_len bytes it will
   fill the rest with zeroes.  This can be important for preventing
   information leaks.
3) strscpy() will always add a NUL terminator where strncpy() just
   truncates a too long string without adding a terminator.

We want #3.  We don't care about #1.  The only thing to check is #2.

regards,
dan carpenter

Re: [PATCH] staging: rtl8192e: prefer strscpy over strncpy

[Michael Straube]

On 8/10/23 07:01, Dan Carpenter wrote:
> On Wed, Aug 09, 2023 at 08:02:05PM +0200, Michael Straube wrote:
>> On 8/9/23 14:21, Greg KH wrote:
>>> On Sat, Aug 05, 2023 at 09:51:14AM +0200, Michael Straube wrote:
>>>> Replace strncpy with strscpy in two places where the destination buffer
>>>> should be NUL-terminated. Found by checkpatch.
>>>>
>>>> WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90
>>>
>>> If a global search/replace could be done, it would have happend a long
>>> time ago.
>>>
>>> How was this tested?  The functions work differently, are you sure there
>>> is no change in functionality here?
>>>
>>
>> It was only compile tested. To me it looked as it does not change
>> functionality, but looking a bit deeper at it I'm not sure anymore.
>> So, we should leave it as is.
> 
> So there are three main differences between strncpy() and strcpy().
> 
> 1) The return.
> 2) strncpy() will always write net->hidden_ssid_len bytes.  If the
>     string to copy is smaller than net->hidden_ssid_len bytes it will
>     fill the rest with zeroes.  This can be important for preventing
>     information leaks.
> 3) strscpy() will always add a NUL terminator where strncpy() just
>     truncates a too long string without adding a terminator.
> 
> We want #3.  We don't care about #1.  The only thing to check is #2.
> 
> regards,
> dan carpenter
> 

Thank you Dan,

so in this case we should/could replace strncpy with strscpy_pad,
correct?

regards,
Michael

Re: [PATCH] staging: rtl8192e: prefer strscpy over strncpy

[Dan Carpenter]

On Fri, Aug 25, 2023 at 07:13:42AM +0200, Michael Straube wrote:
> On 8/10/23 07:01, Dan Carpenter wrote:
> > On Wed, Aug 09, 2023 at 08:02:05PM +0200, Michael Straube wrote:
> > > On 8/9/23 14:21, Greg KH wrote:
> > > > On Sat, Aug 05, 2023 at 09:51:14AM +0200, Michael Straube wrote:
> > > > > Replace strncpy with strscpy in two places where the destination buffer
> > > > > should be NUL-terminated. Found by checkpatch.
> > > > > 
> > > > > WARNING: Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90
> > > > 
> > > > If a global search/replace could be done, it would have happend a long
> > > > time ago.
> > > > 
> > > > How was this tested?  The functions work differently, are you sure there
> > > > is no change in functionality here?
> > > > 
> > > 
> > > It was only compile tested. To me it looked as it does not change
> > > functionality, but looking a bit deeper at it I'm not sure anymore.
> > > So, we should leave it as is.
> > 
> > So there are three main differences between strncpy() and strcpy().
> > 
> > 1) The return.
> > 2) strncpy() will always write net->hidden_ssid_len bytes.  If the
> >     string to copy is smaller than net->hidden_ssid_len bytes it will
> >     fill the rest with zeroes.  This can be important for preventing
> >     information leaks.
> > 3) strscpy() will always add a NUL terminator where strncpy() just
> >     truncates a too long string without adding a terminator.
> > 
> > We want #3.  We don't care about #1.  The only thing to check is #2.
> > 
> > regards,
> > dan carpenter
> > 
> 
> Thank you Dan,
> 
> so in this case we should/could replace strncpy with strscpy_pad,
> correct?

I'm pretty sure that strscpy() was correct.  It requires some analysis
in how this is initialized and/or used.

Don't just automatically use strscpy_pad() to try avoid doing the
analysis.  ;)

regards,
dan carpenter