Received: by 2002:a05:7412:a9a2:b0:e2:908c:2ebd with SMTP id o34csp2888125rdh;
        Mon, 30 Oct 2023 10:25:20 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFhD0ku/85m2lNlyyERh9REhjdMEtqH9Sy7bqhSMQRiG/hfXEU+wmSqyCy5HUb9+bVCmnXc
X-Received: by 2002:a17:902:ce84:b0:1c2:218c:3754 with SMTP id f4-20020a170902ce8400b001c2218c3754mr12643514plg.53.1698686720437;
        Mon, 30 Oct 2023 10:25:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1698686720; cv=none;
        d=google.com; s=arc-20160816;
        b=i7Nela5/A36VSHLqRL74H9HCRbDfMIre2ncJsZYFldmLqGIUz6xNP0UV9apVcVOEPx
         R5jNX+FohODAMP0j9lnNtm4QjP+PEbOPFiTwidIP7fwGLLClcA7o/bj+MyPP2Q3WB8ys
         I/gfgy3wjHxHi6lsdrfSWKCKD/fTSKx50qAZBNpV9XhRiGwuoI99jr7Sq8eqIPSC3+xv
         asAyE4IHR4Sh6+q8Ilv31loTf/4SfGURQ+xd2lZjNGzHP3KM4Zs91ymfveS9aEm0QcPG
         kpnr3UmbIpl0k6+nMU6vwZwONi43GsTV+U2sm5wDzP+MBlwbj3/oZKP1GTGsBijaF2s+
         phHw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:date:message-id:user-agent:cc:to:references
         :in-reply-to:from:subject:content-transfer-encoding:mime-version
         :dkim-signature;
        bh=DA5izf5h35/pdPAxkSBRg3z+OoBQ+OmwlmhV8fMn1y4=;
        fh=/5Ctfx2ilDt7yiT0kTR9x2aGarm1cw3mbdZUCnlD9Bk=;
        b=mbIsLjRBpJPfdWnB2/7H5iaGBm5FK14btBRfXJ/OandVPtw7adgMr+O7tAEla9VptD
         W0Fwp7EcksEkq6S26ESFF+7/M5PT5rUSJMwK4lAWP4XG3OmGrQFxN0RQH63SQscPkZK4
         VCM4X/nfg3DzByRmVU+Zkh7TCdO5e9q3UZpvf0YbwIC20aP8dUcrWBg20XsSdeFIFFH4
         yNER/t+65DEXjFBjferh7gH3ffAzGlMAAAAmZGCaq88QwHUYjp2KX6PA9qKrZHIRVvqF
         cH9N99kyh7WrK0Ih0KCYOpA1mbvSVETF7lP9Gvsope88yD5k3UyY6MrFFJgRezR7zvmJ
         ClxQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=j5H8ZAaD;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3])
        by mx.google.com with ESMTPS id n8-20020a170902d2c800b001cc550c83d5si1148651plc.515.2023.10.30.10.25.12
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 30 Oct 2023 10:25:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=j5H8ZAaD;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by lipwig.vger.email (Postfix) with ESMTP id E45C380AF3DF;
	Mon, 30 Oct 2023 10:25:10 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232492AbjJ3RZD (ORCPT <rfc822;gvb.lkml@gmail.com> + 99 others);
        Mon, 30 Oct 2023 13:25:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58480 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233016AbjJ3RZB (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 30 Oct 2023 13:25:01 -0400
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 15D54C0;
        Mon, 30 Oct 2023 10:24:59 -0700 (PDT)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 96856C433C7;
        Mon, 30 Oct 2023 17:24:57 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1698686698;
        bh=PK/A8z3yZbNpKpLD9q6y6ISaFX6It4ni4b4D7mCk3SI=;
        h=Subject:From:In-Reply-To:References:To:Cc:Date:From;
        b=j5H8ZAaD84BLwmy67QicRyv36dH42wsdA20UkFF2a8aLZF0Fxe9xRJ0bJg0BnCkJS
         XtIXZgPI/7CAzoObiWFC12KpazElRzs+9DcWe5XhaErNyOnv4Q3G04Q/lkpwTSUHcj
         smJ7LWRJfPobgmJzENxNzM2LYJ7RT/GWSWw5RkDSVYmviwm6eqqHZB8wsJMtZd0Pyr
         LIw/rCnZqFivwsVuz8uNiO/tRLovFc87oJy0HpctYCGmaJEsfW6U+1S08CaphpOw4r
         8tjrnyTHnTK26XN95CJNpDD05VX6Kc9mx2tS9mpqIxp6TzYGOtZTcy0QFiT39U1n3e
         wXXKNAvOHsv9g==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: Re: [v2] wifi: airo: replace deprecated strncpy with strscpy_pad
From:   Kalle Valo <kvalo@kernel.org>
In-Reply-To: <20231026-strncpy-drivers-net-wireless-cisco-airo-c-v2-1-413427249e47@google.com>
References: <20231026-strncpy-drivers-net-wireless-cisco-airo-c-v2-1-413427249e47@google.com>
To:     Justin Stitt <justinstitt@google.com>
Cc:     linux-wireless@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-hardening@vger.kernel.org,
        Justin Stitt <justinstitt@google.com>
User-Agent: pwcli/0.1.1-git (https://github.com/kvalo/pwcli/) Python/3.11.2
Message-ID: <169868669554.1993746.6778918340957233673.kvalo@kernel.org>
Date:   Mon, 30 Oct 2023 17:24:57 +0000 (UTC)
X-Spam-Status: No, score=-1.7 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Mon, 30 Oct 2023 10:25:11 -0700 (PDT)

Justin Stitt <justinstitt@google.com> wrote:

> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
> 
> `extra` is clearly supposed to be NUL-terminated which is evident by the
> manual NUL-byte assignment as well as its immediate usage with strlen().
> 
> Moreover, let's NUL-pad since there is deliberate effort (48 instances)
> made elsewhere to zero-out buffers in these getters and setters:
> 6050 | memset(local->config.nodeName, 0, sizeof(local->config.nodeName));
> 6130 | memset(local->config.rates, 0, 8);
> 6139 | memset(local->config.rates, 0, 8);
> 6414 | memset(key.key, 0, MAX_KEY_SIZE);
> 6497 | memset(extra, 0, 16);
> (to be clear, strncpy also NUL-padded -- we are matching that behavior)
> 
> Considering the above, a suitable replacement is `strscpy_pad` due to
> the fact that it guarantees both NUL-termination and NUL-padding on the
> destination buffer.
> 
> We can also replace the hard-coded size of "16" to IW_ESSID_MAX_SIZE
> because this function is a wext handler.
> 
> In wext-core.c we have:
> static const struct iw_ioctl_description standard_ioctl[] = {
> ...
>         [IW_IOCTL_IDX(SIOCGIWNICKN)] = {
>                 .header_type    = IW_HEADER_TYPE_POINT,
>                 .token_size     = 1,
>                 .max_tokens     = IW_ESSID_MAX_SIZE,
>         },
> 
> So the buffer size is (strangely) IW_ESSID_MAX_SIZE
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
> Reviewed-by: Jeff Johnson <quic_jjohnson@quicinc.com>

Patch applied to wireless-next.git, thanks.

9beac4ee4928 wifi: airo: replace deprecated strncpy with strscpy_pad

-- 
https://patchwork.kernel.org/project/linux-wireless/patch/20231026-strncpy-drivers-net-wireless-cisco-airo-c-v2-1-413427249e47@google.com/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches