mirror of
https://github.com/torvalds/linux.git
synced 2025-12-07 20:06:24 +00:00
7b9ef666f2
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on its destination buffer argument which is _not_ the case for `strncpy`! It should be noted that the destination buffer is zero-initialized and had a max length of `sizeof(dest) - 1`. There is likely _not_ a bug present in the current implementation. However, by switching to `strscpy` we get the benefit of no longer needing the `- 1`'s from the string copy invocations on top of `strscpy` being a safer interface all together. [1]: www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [2]: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>