Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp4775339rwd; Tue, 30 May 2023 09:41:00 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6ng9NtttMahVcWHhjg/qk2CJUmu1ErxYy2GI3gj1VGMAKihFmmEhNrRsW09s2wtkIo8jVK X-Received: by 2002:a05:6a00:1745:b0:643:59cd:6cad with SMTP id j5-20020a056a00174500b0064359cd6cadmr3476677pfc.24.1685464859666; Tue, 30 May 2023 09:40:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685464859; cv=none; d=google.com; s=arc-20160816; b=dcvBC6hCYpT7TfXphDvzWHU28lX0ed9dc8t1CiOavZ/JroiUlp5dR7qx8C7Hqd0BZq 7qmjYOj9+yDAafZHpMeIMQJ2SIIIV6Eio65ij5Fjs0yW2HOdnzrMLcB0zSzCQwd5w7hk YOEj4sy0nUqOFD4Gn401tdVMJZN0Dby71sJS/cvubI5c56RrrKyyEeJ78N/Hxv6VK9PB LCL9yFn7oScLsFZDqtbVRGGxxMZrAM0Iu80MhH4zg5xM1s21AT7cOuT6JLtdgHW1PqhK W2yDfL/6b5/ufqINs7uXpd7Ej9nmKxVNyetqjlAHOszBF1xHULB7cXVlUAF/IkSK7OQj Sr1w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=iLnzBlwd4R6Xah7NSEk7Gqbfnuy0fx7IzR6wWPi2abY=; b=ya2/W4T86KlLPew+Jzhab5Y2/CC05zyvmOPNjPMCKvrCPT8dWK9DXlpG2RMPSHWplO n8Tt1dOt9E5xDHShOiXzkgeNI1EiFsVnBcvRZfa+qcNg6jvQUBRFpwaTQep2J+N+Xs+l zNNwK19oVxndJJeaY3o6KJx/4T9tvuGdcjHS3QEEz75Iu9FP0BP1tD9RcLhLfBlSA95f uaY+Y1aEFd3brWP2TjPLJ7JCLZPCGx0Sf1FstmCn6fvxIl/jbWDAmzbWqVEA++achY8k O5ujVpUOjZ2inmB9LjxdBd3C5ryTmt9i0hcMPL1eiF4iViyHfYt2QG6oUPhQrN8QjovG ad5g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=ZrBmmyjd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b28-20020aa78edc000000b0064f74cf9df3si1975065pfr.110.2023.05.30.09.40.45; Tue, 30 May 2023 09:40:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=ZrBmmyjd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232611AbjE3Qbe (ORCPT + 99 others); Tue, 30 May 2023 12:31:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45594 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232523AbjE3QbR (ORCPT ); Tue, 30 May 2023 12:31:17 -0400 Received: from mail-il1-x134.google.com (mail-il1-x134.google.com [IPv6:2607:f8b0:4864:20::134]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B538D102; Tue, 30 May 2023 09:30:46 -0700 (PDT) Received: by mail-il1-x134.google.com with SMTP id e9e14a558f8ab-3360a95c0a1so6350415ab.0; Tue, 30 May 2023 09:30:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685464244; x=1688056244; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=iLnzBlwd4R6Xah7NSEk7Gqbfnuy0fx7IzR6wWPi2abY=; b=ZrBmmyjdqwAUMrQ0s1MT6bcQHlkw9VOKADCoct8GsAUr1nE4RCwwN5o/W71+uSJFYa jhEFyLRZZh8JsKtJ87D/B5VWtVaJm0GRri631dez2iYRwMkuQGq12ecIFu3Q1fed0GTx UjO6Ql+YxfHp3FY9pYI27aWHPTZSjaAVEcrGDHCC3mkeOjoUlMOX8IapM2wlEOl1nJi/ LyuPi27B99capG2hZahRtiHU+74lQfFpFocCQQ62uhK+iJ6XByVMbKpUPSAy/+zs0mp9 FQaLM3LYgmLy8tEYOqhBIkgvBOIsjcz1tNonw9v3PPvU0KemzJEELmI5hOeqKMaz7FY4 lx0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685464244; x=1688056244; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=iLnzBlwd4R6Xah7NSEk7Gqbfnuy0fx7IzR6wWPi2abY=; b=ZXQ5zFAY3qkdrlSzkElNH0ZV3yXaNcz38fd1xSFG6NVNpE0swimmkpm/dfdfFaKJsO P+5WVNeueAOwFnJPYs2o+p00Ax7GBUr8RwNx5W1QZmFD0d2vTEZoktbHEXkdyvxb3QN7 MNqTAAp2OuUVa6vfQ4/6pTwiGMwUwr5NWLM5neJvgVNbIdzngxlSha8qJlRqHLy861PE sy4poaYBiI/sFHrsp/D+hW4n/oRqcx6qn5cxGmm04oTodNmLP/9cHkYycwsOxmHNZrv2 jgL7vfl0V249tRm2r19brbePoqJpKNR8NuKrA+qj1VnZY00jjnXXZrPf3J7Fbexarp2Y jtXA== X-Gm-Message-State: AC+VfDxYDJn0jVGtsHggORgF2oV1pzq1UirCEDGT4JP/PUdFQSDsZJGG BeivZiPpFFkl6+1s8BM37kw= X-Received: by 2002:a92:d203:0:b0:335:56cb:a3a with SMTP id y3-20020a92d203000000b0033556cb0a3amr74431ily.16.1685464244493; Tue, 30 May 2023 09:30:44 -0700 (PDT) Received: from azeems-kspp.c.googlers.com.com (54.70.188.35.bc.googleusercontent.com. [35.188.70.54]) by smtp.gmail.com with ESMTPSA id a4-20020a92a304000000b0033af84e6321sm2543982ili.64.2023.05.30.09.30.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 May 2023 09:30:44 -0700 (PDT) From: Azeem Shaikh To: Yoshinori Sato , Rich Felker , John Paul Adrian Glaubitz Cc: linux-hardening@vger.kernel.org, Azeem Shaikh , linux-sh@vger.kernel.org, linux-kernel@vger.kernel.org, Randy Dunlap Subject: [PATCH] sh: Replace all non-returning strlcpy with strscpy Date: Tue, 30 May 2023 16:30:41 +0000 Message-ID: <20230530163041.985456-1-azeemshaikh38@gmail.com> X-Mailer: git-send-email 2.41.0.rc0.172.g3f132b7071-goog MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh --- arch/sh/drivers/dma/dma-api.c | 2 +- arch/sh/kernel/setup.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/sh/drivers/dma/dma-api.c b/arch/sh/drivers/dma/dma-api.c index ab9170494dcc..89cd4a3b4cca 100644 --- a/arch/sh/drivers/dma/dma-api.c +++ b/arch/sh/drivers/dma/dma-api.c @@ -198,7 +198,7 @@ int request_dma(unsigned int chan, const char *dev_id) if (atomic_xchg(&channel->busy, 1)) return -EBUSY; - strlcpy(channel->dev_id, dev_id, sizeof(channel->dev_id)); + strscpy(channel->dev_id, dev_id, sizeof(channel->dev_id)); if (info->ops->request) { result = info->ops->request(channel); diff --git a/arch/sh/kernel/setup.c b/arch/sh/kernel/setup.c index af977ec4ca5e..e4f0f9a1d355 100644 --- a/arch/sh/kernel/setup.c +++ b/arch/sh/kernel/setup.c @@ -304,9 +304,9 @@ void __init setup_arch(char **cmdline_p) bss_resource.end = virt_to_phys(__bss_stop)-1; #ifdef CONFIG_CMDLINE_OVERWRITE - strlcpy(command_line, CONFIG_CMDLINE, sizeof(command_line)); + strscpy(command_line, CONFIG_CMDLINE, sizeof(command_line)); #else - strlcpy(command_line, COMMAND_LINE, sizeof(command_line)); + strscpy(command_line, COMMAND_LINE, sizeof(command_line)); #ifdef CONFIG_CMDLINE_EXTEND strlcat(command_line, " ", sizeof(command_line)); strlcat(command_line, CONFIG_CMDLINE, sizeof(command_line));