scsi: libfc: replace deprecated strncpy() with memcpy()
strncpy() is deprecated [1] and as such we should use different apis to
copy string data.
We can see that ct is NUL-initialized with fc_ct_hdr_fill:
| ct = fc_ct_hdr_fill(fp, op, sizeof(struct fc_ns_rspn) + len,
...
In fc_ct_hdr_fill():
| memset(ct, 0, ct_plen);
We also calculate the length of the source string:
| len = strnlen(fc_host_symbolic_name(lport->host), 255);
...then this argument is used in strncpy(), which is bad because the
pattern of (dest, src, strlen(src)) usually leaves the destination
buffer without NUL-termination. However, it looks as though we do not
require NUL-termination since fr_name is part of a seq_buf-like
structure wherein its length is monitored:
| struct fc_ns_rspn {
| struct fc_ns_fid fr_fid; /* port ID object */
| __u8 fr_name_len;
| char fr_name[];
| } __attribute__((__packed__));
So, this is really just a byte copy into a length-bounded buffer. Let's use
memcpy().
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
Link: https://lore.kernel.org/r/20240221-strncpy-drivers-scsi-libfc-fc_encode-h-v2-1-019a0889c5ca@google.com
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
projects / linux.git / commit