diff options
| author | Azeem Shaikh <azeemshaikh38@gmail.com> | 2023-06-01 09:34:26 +0100 |
|---|---|---|
| committer | Russell King (Oracle) <rmk+kernel@armlinux.org.uk> | 2023-06-19 09:35:49 +0100 |
| commit | 7611b3358acbe9b95990ad63d66dd11efcac4594 (patch) | |
| tree | 71ee46e3ace6cdb6a79b005ccf7205a78fb04ed3 /arch/arm/kernel/vdso.c | |
| parent | ddbb7ea96a609335837d0579b7e0cc5e6dbaabce (diff) | |
| download | linux-stable-7611b3358acbe9b95990ad63d66dd11efcac4594.tar.gz linux-stable-7611b3358acbe9b95990ad63d66dd11efcac4594.tar.bz2 linux-stable-7611b3358acbe9b95990ad63d66dd11efcac4594.zip | |
ARM: 9300/1: Replace all non-returning strlcpy with strscpy
strlcpy() reads the entire source buffer first. This read may exceed
the destination size limit. This is both inefficient and can lead to
linear read overflows if a source string is not NUL-terminated [1]. In
an effort to remove strlcpy() completely [2], replace strlcpy() here
with strscpy(). No return values were used, so direct replacement is
safe.
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89
[ardb: submitting to the patch tracker on behalf of Azeem]
Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Diffstat (limited to 'arch/arm/kernel/vdso.c')
| -rw-r--r-- | arch/arm/kernel/vdso.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/arm/kernel/vdso.c b/arch/arm/kernel/vdso.c index 3408269d19c7..f297d66a8a76 100644 --- a/arch/arm/kernel/vdso.c +++ b/arch/arm/kernel/vdso.c @@ -135,7 +135,7 @@ static Elf32_Sym * __init find_symbol(struct elfinfo *lib, const char *symname) if (lib->dynsym[i].st_name == 0) continue; - strlcpy(name, lib->dynstr + lib->dynsym[i].st_name, + strscpy(name, lib->dynstr + lib->dynsym[i].st_name, MAX_SYMNAME); c = strchr(name, '@'); if (c) |