Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with
strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine
device. From printouts I see that at bootup the function is called
with an id of "lnbclka2" which is 8 bytes big.
Previously all 8 bytes of this string were copied to the
destination. Now only 7 bytes will be copied since strscpy_pad() saves
a byte for '\0' termination.
We don't need the '\0' termination in the destination. Let's go back
to strncpy(). According to the warning:
If a caller is using non-NUL-terminated strings, strncpy() can still
be used, but destinations should be marked with the __nonstring
attribute to avoid future compiler warnings.
...so we'll do that.
While we're at it, let's change the query array to use
"sizeof(ent->id)" so it can't possibly go out of sync with our later
copy.
Fixes: ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with strscpy_pad()")
Signed-off-by: Douglas Anderson <[email protected]>
Reviewed-by: Matthias Kaehlcke <[email protected]>
Reviewed-by: Krzysztof Kozlowski <[email protected]>
---
Changes in v3:
- Add comment that query isn't necessarily '\0' terminated.
Changes in v2:
- Size array with "sizeof(ent->id)"
drivers/soc/qcom/cmd-db.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c
index c5137c25d819..629a7188b576 100644
--- a/drivers/soc/qcom/cmd-db.c
+++ b/drivers/soc/qcom/cmd-db.c
@@ -141,14 +141,18 @@ static int cmd_db_get_header(const char *id, const struct entry_header **eh,
const struct rsc_hdr *rsc_hdr;
const struct entry_header *ent;
int ret, i, j;
- u8 query[8];
+ u8 query[sizeof(ent->id)] __nonstring;
ret = cmd_db_ready();
if (ret)
return ret;
- /* Pad out query string to same length as in DB */
- strscpy_pad(query, id, sizeof(query));
+ /*
+ * Pad out query string to same length as in DB. NOTE: the output
+ * query string is not necessarily '\0' terminated if it bumps up
+ * against the max size. That's OK and expected.
+ */
+ strncpy(query, id, sizeof(query));
for (i = 0; i < MAX_SLV_ID; i++) {
rsc_hdr = &cmd_db_header->header[i];
--
2.37.0.rc0.161.g10f37bed90-goog
On 28/06/2022 15:43, Douglas Anderson wrote:
> Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with
> strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine
> device. From printouts I see that at bootup the function is called
> with an id of "lnbclka2" which is 8 bytes big.
>
> Previously all 8 bytes of this string were copied to the
> destination. Now only 7 bytes will be copied since strscpy_pad() saves
> a byte for '\0' termination.
>
> We don't need the '\0' termination in the destination. Let's go back
> to strncpy(). According to the warning:
> If a caller is using non-NUL-terminated strings, strncpy() can still
> be used, but destinations should be marked with the __nonstring
> attribute to avoid future compiler warnings.
> ...so we'll do that.
>
> While we're at it, let's change the query array to use
> "sizeof(ent->id)" so it can't possibly go out of sync with our later
> copy.
>
> Fixes: ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with strscpy_pad()")
> Signed-off-by: Douglas Anderson <[email protected]>
> Reviewed-by: Matthias Kaehlcke <[email protected]>
> Reviewed-by: Krzysztof Kozlowski <[email protected]>
> ---
>
> Changes in v3:
> - Add comment that query isn't necessarily '\0' terminated.
>
Thanks!
Best regards,
Krzysztof
On Tue, 28 Jun 2022 06:43:13 -0700, Douglas Anderson wrote:
> Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with
> strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine
> device. From printouts I see that at bootup the function is called
> with an id of "lnbclka2" which is 8 bytes big.
>
> Previously all 8 bytes of this string were copied to the
> destination. Now only 7 bytes will be copied since strscpy_pad() saves
> a byte for '\0' termination.
>
> [...]
Applied, thanks!
[1/1] soc: qcom: cmd-db: replace strscpy_pad() with strncpy()
commit: fe72f9bce137055fb744d4f8a91baa234ec07baa
Best regards,
--
Bjorn Andersson <[email protected]>
Quoting Douglas Anderson (2022-06-28 06:43:13)
> Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with
> strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine
> device. From printouts I see that at bootup the function is called
> with an id of "lnbclka2" which is 8 bytes big.
>
> Previously all 8 bytes of this string were copied to the
> destination. Now only 7 bytes will be copied since strscpy_pad() saves
> a byte for '\0' termination.
>
> We don't need the '\0' termination in the destination. Let's go back
> to strncpy(). According to the warning:
> If a caller is using non-NUL-terminated strings, strncpy() can still
> be used, but destinations should be marked with the __nonstring
> attribute to avoid future compiler warnings.
> ...so we'll do that.
>
> While we're at it, let's change the query array to use
> "sizeof(ent->id)" so it can't possibly go out of sync with our later
> copy.
>
> Fixes: ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with strscpy_pad()")
> Signed-off-by: Douglas Anderson <[email protected]>
> Reviewed-by: Matthias Kaehlcke <[email protected]>
> Reviewed-by: Krzysztof Kozlowski <[email protected]>
> ---
Reviewed-by: Stephen Boyd <[email protected]>