Re: [PATCH] ACPICA: Replace strncpy() with strscpy_pad() in acpi_ut_safe_strncpy()

Mon, 23 Mar 2026 10:41:55 -0700 

On Mon, Mar 23, 2026 at 6:24 PM Kees Cook <[email protected]> wrote:
>
> Replace the deprecated[1] strncpy() with strscpy_pad() in
> acpi_ut_safe_strncpy().
>
> The function is a "safe strncpy" wrapper that does
> strncpy(dest, source, dest_size) followed by manual NUL-termination
> at dest[dest_size - 1]. strscpy_pad() is a direct replacement: it
> NUL-terminates, zero-pads the remainder, and the manual termination
> is no longer needed.
>
> All callers pass NUL-terminated source strings (C string literals,
> __FILE__ via ACPI_MODULE_NAME, or user-provided filenames that have
> already been validated). The destinations are fixed-size char arrays
> in ACPICA internal structures (allocation->module, aml_op_name,
> acpi_gbl_db_debug_filename), all consumed as C strings.
>
> No behavioral change: strscpy_pad() produces identical output to
> strncpy() + manual NUL-termination for NUL-terminated sources that
> are shorter than dest_size. For sources longer than dest_size,
> strncpy() wrote dest_size non-NUL bytes then the manual termination
> overwrote the last byte with NUL; strscpy_pad() writes dest_size-1
> bytes plus NUL: same result.
>
> Link: https://github.com/KSPP/linux/issues/90 [1]
> Signed-off-by: Kees Cook <[email protected]>
> ---
> This touches the ACPICA component shared with the upstream ACPICA
> project (https://github.com/acpica/acpica), where the function
> is named AcpiUtSafeStrncpy(). The upstream codebase uses its own
> platform abstraction layer (acenv.h/acgcc.h) where I've mapped various
> kernel APIs before like ACPI_FLEX_ARRAY and similar helpers. However,
> acpi_ut_safe_strncpy() is an explicit function implementation rather
> than a macro mapping, so the approach for upstreaming this change to
> ACPICA is not clear. What's the best way to land this?

I can apply this directly, it shouldn't be a major problem for porting
patches from the upstream.

> (This is one of the last users of strncpy in the kernel.)
> ---
>  drivers/acpi/acpica/utnonansi.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/drivers/acpi/acpica/utnonansi.c b/drivers/acpi/acpica/utnonansi.c
> index ff0802ace19b..3a7952be6545 100644
> --- a/drivers/acpi/acpica/utnonansi.c
> +++ b/drivers/acpi/acpica/utnonansi.c
> @@ -168,8 +168,7 @@ void acpi_ut_safe_strncpy(char *dest, char *source, 
> acpi_size dest_size)
>  {
>         /* Always terminate destination string */
>
> -       strncpy(dest, source, dest_size);
> -       dest[dest_size - 1] = 0;
> +       strscpy_pad(dest, source, dest_size);
>  }
>
>  #endif
> --

Reply via email to