diff mbox series

wifi: iwlwifi: fw: replace deprecated strncpy with strscpy

Message ID 20231017-strncpy-drivers-net-wireless-intel-iwlwifi-fw-dbg-c-v1-1-bf69ec7d1b97@google.com
State Superseded
Headers show
Series wifi: iwlwifi: fw: replace deprecated strncpy with strscpy | expand

Commit Message

Justin Stitt Oct. 17, 2023, 9:58 p.m. UTC
strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.

Based on the deliberate `sizeof(dest) ... - 1` pattern we can see that
both dump_info->dev_human_readable and dump_info->bus_human_readable are
intended to be NUL-terminated.

Neither of these symbols seem to be actually used after being assigned.
Which means our replacement doesn't really matter. At any rate, it would
seem NUL-padding is not required so let's use `strscpy` [2] due to the
fact that it guarantees NUL-termination on the destination buffer
without unnecessarily NUL-padding. (but maybe these should be
used or removed).

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
---
Note: build-tested only.

Found with: $ rg "strncpy\("
---
 drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)


---
base-commit: 58720809f52779dc0f08e53e54b014209d13eebb
change-id: 20231017-strncpy-drivers-net-wireless-intel-iwlwifi-fw-dbg-c-1f49f00b8a2e

Best regards,
--
Justin Stitt <justinstitt@google.com>

Comments

Kees Cook Oct. 19, 2023, 1:22 a.m. UTC | #1
On Tue, Oct 17, 2023 at 09:58:44PM +0000, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
> 
> Based on the deliberate `sizeof(dest) ... - 1` pattern we can see that
> both dump_info->dev_human_readable and dump_info->bus_human_readable are
> intended to be NUL-terminated.
> 
> Neither of these symbols seem to be actually used after being assigned.
> Which means our replacement doesn't really matter. At any rate, it would
> seem NUL-padding is not required so let's use `strscpy` [2] due to the
> fact that it guarantees NUL-termination on the destination buffer
> without unnecessarily NUL-padding. (but maybe these should be
> used or removed).

This appears to be crossing the file boundary. I would be more
comfortable seeing strscpy_pad() used here just to make sure there is no
behavior change at all.

-Kees

> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
> ---
> Note: build-tested only.
> 
> Found with: $ rg "strncpy\("
> ---
>  drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/net/wireless/intel/iwlwifi/fw/dbg.c b/drivers/net/wireless/intel/iwlwifi/fw/dbg.c
> index 3ab6a68f1e9f..5455f8d1aab0 100644
> --- a/drivers/net/wireless/intel/iwlwifi/fw/dbg.c
> +++ b/drivers/net/wireless/intel/iwlwifi/fw/dbg.c
> @@ -880,10 +880,10 @@ iwl_fw_error_dump_file(struct iwl_fw_runtime *fwrt,
>  			cpu_to_le32(fwrt->trans->hw_rev_step);
>  		memcpy(dump_info->fw_human_readable, fwrt->fw->human_readable,
>  		       sizeof(dump_info->fw_human_readable));
> -		strncpy(dump_info->dev_human_readable, fwrt->trans->name,
> -			sizeof(dump_info->dev_human_readable) - 1);
> -		strncpy(dump_info->bus_human_readable, fwrt->dev->bus->name,
> -			sizeof(dump_info->bus_human_readable) - 1);
> +		strscpy(dump_info->dev_human_readable, fwrt->trans->name,
> +			sizeof(dump_info->dev_human_readable));
> +		strscpy(dump_info->bus_human_readable, fwrt->dev->bus->name,
> +			sizeof(dump_info->bus_human_readable));
>  		dump_info->num_of_lmacs = fwrt->smem_cfg.num_lmacs;
>  		dump_info->lmac_err_id[0] =
>  			cpu_to_le32(fwrt->dump.lmac_err_id[0]);
> 
> ---
> base-commit: 58720809f52779dc0f08e53e54b014209d13eebb
> change-id: 20231017-strncpy-drivers-net-wireless-intel-iwlwifi-fw-dbg-c-1f49f00b8a2e
> 
> Best regards,
> --
> Justin Stitt <justinstitt@google.com>
> 
>
diff mbox series

Patch

diff --git a/drivers/net/wireless/intel/iwlwifi/fw/dbg.c b/drivers/net/wireless/intel/iwlwifi/fw/dbg.c
index 3ab6a68f1e9f..5455f8d1aab0 100644
--- a/drivers/net/wireless/intel/iwlwifi/fw/dbg.c
+++ b/drivers/net/wireless/intel/iwlwifi/fw/dbg.c
@@ -880,10 +880,10 @@  iwl_fw_error_dump_file(struct iwl_fw_runtime *fwrt,
 			cpu_to_le32(fwrt->trans->hw_rev_step);
 		memcpy(dump_info->fw_human_readable, fwrt->fw->human_readable,
 		       sizeof(dump_info->fw_human_readable));
-		strncpy(dump_info->dev_human_readable, fwrt->trans->name,
-			sizeof(dump_info->dev_human_readable) - 1);
-		strncpy(dump_info->bus_human_readable, fwrt->dev->bus->name,
-			sizeof(dump_info->bus_human_readable) - 1);
+		strscpy(dump_info->dev_human_readable, fwrt->trans->name,
+			sizeof(dump_info->dev_human_readable));
+		strscpy(dump_info->bus_human_readable, fwrt->dev->bus->name,
+			sizeof(dump_info->bus_human_readable));
 		dump_info->num_of_lmacs = fwrt->smem_cfg.num_lmacs;
 		dump_info->lmac_err_id[0] =
 			cpu_to_le32(fwrt->dump.lmac_err_id[0]);