diff mbox series

Input: synaptics-rmi4 - replace deprecated strncpy

Message ID 20230921-strncpy-drivers-input-rmi4-rmi_f34-c-v1-1-4aef2e84b8d2@google.com
State Accepted
Commit 96609688ab8a8ec25c4eeced53e88e26cff4fb06
Headers show
Series Input: synaptics-rmi4 - replace deprecated strncpy | expand

Commit Message

Justin Stitt Sept. 21, 2023, 9:58 a.m. UTC
`strncpy` is deprecated for use on NUL-terminated destination strings [1]

Let's use memcpy() as the bounds have already been checked and this
decays into a simple byte copy from one buffer to another removing any
ambiguity that strncpy has.

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
---
Note: build-tested only.

Similar to Kees' suggestion here [2]

[2]: https://lore.kernel.org/all/202309142045.7CBAE940E@keescook/
---
 drivers/input/rmi4/rmi_f34.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


---
base-commit: 2cf0f715623872823a72e451243bbf555d10d032
change-id: 20230921-strncpy-drivers-input-rmi4-rmi_f34-c-4a6945316cea

Best regards,
--
Justin Stitt <justinstitt@google.com>

Comments

Kees Cook Sept. 24, 2023, 3:32 a.m. UTC | #1
On Thu, Sep 21, 2023 at 09:58:11AM +0000, Justin Stitt wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings [1]
> 
> Let's use memcpy() as the bounds have already been checked and this
> decays into a simple byte copy from one buffer to another removing any
> ambiguity that strncpy has.
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
> ---
> Note: build-tested only.
> 
> Similar to Kees' suggestion here [2]
> 
> [2]: https://lore.kernel.org/all/202309142045.7CBAE940E@keescook/

Agreed. This is best as memcpy.

Reviewed-by: Kees Cook <keescook@chromium.org>

-Kees

> ---
>  drivers/input/rmi4/rmi_f34.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/input/rmi4/rmi_f34.c b/drivers/input/rmi4/rmi_f34.c
> index 0d9a5756e3f5..3b3ac71e53dc 100644
> --- a/drivers/input/rmi4/rmi_f34.c
> +++ b/drivers/input/rmi4/rmi_f34.c
> @@ -471,7 +471,7 @@ static ssize_t rmi_driver_update_fw_store(struct device *dev,
>  	if (buf[count - 1] == '\0' || buf[count - 1] == '\n')
>  		copy_count -= 1;
>  
> -	strncpy(fw_name, buf, copy_count);
> +	memcpy(fw_name, buf, copy_count);
>  	fw_name[copy_count] = '\0';
>  
>  	ret = request_firmware(&fw, fw_name, dev);
> 
> ---
> base-commit: 2cf0f715623872823a72e451243bbf555d10d032
> change-id: 20230921-strncpy-drivers-input-rmi4-rmi_f34-c-4a6945316cea
> 
> Best regards,
> --
> Justin Stitt <justinstitt@google.com>
>
Dmitry Torokhov Sept. 30, 2023, 4:06 p.m. UTC | #2
On Thu, Sep 21, 2023 at 09:58:11AM +0000, Justin Stitt wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings [1]
> 
> Let's use memcpy() as the bounds have already been checked and this
> decays into a simple byte copy from one buffer to another removing any
> ambiguity that strncpy has.
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>

Applied, thank you.
diff mbox series

Patch

diff --git a/drivers/input/rmi4/rmi_f34.c b/drivers/input/rmi4/rmi_f34.c
index 0d9a5756e3f5..3b3ac71e53dc 100644
--- a/drivers/input/rmi4/rmi_f34.c
+++ b/drivers/input/rmi4/rmi_f34.c
@@ -471,7 +471,7 @@  static ssize_t rmi_driver_update_fw_store(struct device *dev,
 	if (buf[count - 1] == '\0' || buf[count - 1] == '\n')
 		copy_count -= 1;
 
-	strncpy(fw_name, buf, copy_count);
+	memcpy(fw_name, buf, copy_count);
 	fw_name[copy_count] = '\0';
 
 	ret = request_firmware(&fw, fw_name, dev);