Replace strncpy with strlcpy to fix the following gcc warning.
drivers/staging/r8188eu/os_dep/ioctl_linux.c: In function 'rtw_wx_set_enc_ext':
drivers/staging/r8188eu/os_dep/ioctl_linux.c:1929:9: warning: 'strncpy' specified bound 16 equals destination size [-Wstringop-truncation]
1929 | strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The destination buffer size is IEEE_CRYPT_ALG_NAME_LEN and the length
of the string to copy is always < IEEE_CRYPT_ALG_NAME_LEN. So strlcpy
will never truncate the string.
Signed-off-by: Michael Straube <[email protected]>
---
drivers/staging/r8188eu/os_dep/ioctl_linux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/r8188eu/os_dep/ioctl_linux.c b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
index 51f46696a593..4f0ae821d193 100644
--- a/drivers/staging/r8188eu/os_dep/ioctl_linux.c
+++ b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
@@ -1926,7 +1926,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
return -1;
}
- strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
+ strlcpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
if (pext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY)
param->u.crypt.set_tx = 1;
--
2.33.0
On Mon, 18 Oct 2021 at 23:13, Michael Straube <[email protected]> wrote:
>
> Replace strncpy with strlcpy to fix the following gcc warning.
>
> drivers/staging/r8188eu/os_dep/ioctl_linux.c: In function 'rtw_wx_set_enc_ext':
> drivers/staging/r8188eu/os_dep/ioctl_linux.c:1929:9: warning: 'strncpy' specified bound 16 equals destination size [-Wstringop-truncation]
> 1929 | strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> The destination buffer size is IEEE_CRYPT_ALG_NAME_LEN and the length
> of the string to copy is always < IEEE_CRYPT_ALG_NAME_LEN. So strlcpy
> will never truncate the string.
>
> Signed-off-by: Michael Straube <[email protected]>
> ---
> drivers/staging/r8188eu/os_dep/ioctl_linux.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/r8188eu/os_dep/ioctl_linux.c b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> index 51f46696a593..4f0ae821d193 100644
> --- a/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> +++ b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> @@ -1926,7 +1926,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
> return -1;
> }
>
> - strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> + strlcpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
>
> if (pext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY)
> param->u.crypt.set_tx = 1;
> --
> 2.33.0
>
Looks good, thanks.
Acked-by: Phillip Potter <[email protected]>
Regards,
Phil
Thus wrote Michael Straube ([email protected]):
> Replace strncpy with strlcpy to fix the following gcc warning.
> drivers/staging/r8188eu/os_dep/ioctl_linux.c: In function 'rtw_wx_set_enc_ext':
> drivers/staging/r8188eu/os_dep/ioctl_linux.c:1929:9: warning: 'strncpy' specified bound 16 equals destination size [-Wstringop-truncation]
> 1929 | strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> The destination buffer size is IEEE_CRYPT_ALG_NAME_LEN and the length
> of the string to copy is always < IEEE_CRYPT_ALG_NAME_LEN. So strlcpy
> will never truncate the string.
> Signed-off-by: Michael Straube <[email protected]>
> ---
> drivers/staging/r8188eu/os_dep/ioctl_linux.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> diff --git a/drivers/staging/r8188eu/os_dep/ioctl_linux.c b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> index 51f46696a593..4f0ae821d193 100644
> --- a/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> +++ b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> @@ -1926,7 +1926,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
> return -1;
> }
> - strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> + strlcpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> if (pext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY)
> param->u.crypt.set_tx = 1;
> --
> 2.33.0
Hi Michael,
it's too late for another ack as Greg has already taken the patch.
Anyway, thanks for fixing the mess I created with my Makefile patches.
Martin
On Tue, Oct 19, 2021 at 12:12:31AM +0200, Michael Straube wrote:
> diff --git a/drivers/staging/r8188eu/os_dep/ioctl_linux.c b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> index 51f46696a593..4f0ae821d193 100644
> --- a/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> +++ b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> @@ -1926,7 +1926,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
> return -1;
> }
>
> - strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> + strlcpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
Greg has already taken this, and it's not a big deal, but generally
avoid using strlcpy(). It should be strscpy(). The difference is that
strlcpy() does strlen(alg_name) so it can be a read overflow if the
alg_name is not NUL terminated.
In this case, we know that alg_name is valid so it's fine.
I think that strlcpy() could all be converted to strscpy() without
breaking anything? So eventually someone will probably use sed or
coccinelle to do that.
Changing strncpy() to strscpy() is more complicated because maybe people
test afterwards to see if the last character is NUL and also because
some need to be converted to strscpy_pad().
regards,
dan carpenter