Re: [PATCH v2] drm/modes: replace deprecated strncpy with strscpy_pad
On Mon, 16 Oct 2023 22:38:20 +, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > We should NUL-pad as there are full struct copies happening in places: > | struct drm_mode_modeinfo umode; > | > | ... > | struct drm_property_blob *blob; > | > | drm_mode_convert_to_umode(, mode); > | blob = drm_property_create_blob(crtc->dev, > | sizeof(umode), ); > > [...] Applied to for-next/hardening, thanks! [1/1] drm/modes: replace deprecated strncpy with strscpy_pad https://git.kernel.org/kees/c/d8d273c595db Take care, -- Kees Cook
Re: [PATCH v2] drm/modes: replace deprecated strncpy with strscpy_pad
On Mon, Oct 16, 2023 at 10:38:20PM +, Justin Stitt wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We should NUL-pad as there are full struct copies happening in places:
> | struct drm_mode_modeinfo umode;
> |
> | ...
> | struct drm_property_blob *blob;
> |
> | drm_mode_convert_to_umode(, mode);
> | blob = drm_property_create_blob(crtc->dev,
> | sizeof(umode), );
>
> A suitable replacement is `strscpy_pad` due to the fact that it
> guarantees both NUL-termination and NUL-padding on the destination
> buffer.
>
> Additionally, replace size macro `DRM_DISPLAY_MODE_LEN` with sizeof() to
> more directly tie the maximum buffer size to the destination buffer:
> | struct drm_display_mode {
> | ...
> | char name[DRM_DISPLAY_MODE_LEN];
>
> Link:
> https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
> [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-harden...@vger.kernel.org
> Cc: Xu Panda
> Signed-off-by: Justin Stitt
Thanks for the respin; this looks good to me.
Reviewed-by: Kees Cook
--
Kees Cook
