On Thu, Jul 27, 2023 at 08:30:18PM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > A suitable replacement is `strscpy` [2] due to the fact that it > guarantees NUL-termination on its destination buffer argument which is > _not_ the case for `strncpy`! > > It was pretty difficult, in this case, to try and figure out whether or > not the destination buffer was zero-initialized. If it is and this > behavior is relied on then perhaps `strscpy_pad` is the preferred > option here. > > Kees was able to help me out and identify the following code snippet > which seems to show that the destination buffer is zero-initialized. > > | skl = devm_kzalloc(&pci->dev, sizeof(*skl), GFP_KERNEL); > > With this information, I opted for `strscpy` since padding is seemingly > not required. > > [1]: www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings > [2]: manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > > Link: https://github.com/KSPP/linux/issues/90 > Suggested-by: Kees Cook <keescook@xxxxxxxxxxxx> > Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx> Thanks for the updates! And based on the details from Amadeusz, it looks safe. Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
