> On Feb 22, 2021, at 10:12 AM, Romain Perier <romain.perier@xxxxxxxxx> wrote: > > The strlcpy() reads the entire source buffer first, it is dangerous if > the source buffer lenght is unbounded or possibility non NULL-terminated. > It can lead to linear read overflows, crashes, etc... > > As recommended in the deprecated interfaces [1], it should be replaced > by strscpy. > > This commit replaces all calls to strlcpy that handle the return values > by the corresponding strscpy calls with new handling of the return > values (as it is quite different between the two functions). > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > > Signed-off-by: Romain Perier <romain.perier@xxxxxxxxx> Hi Romain- I assume you are waiting for a maintainer's Ack? IMHO Trond or Anna should provide it for changes to this particular source file. > --- > net/sunrpc/clnt.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c > index 612f0a641f4c..3c5c4ad8a808 100644 > --- a/net/sunrpc/clnt.c > +++ b/net/sunrpc/clnt.c > @@ -282,7 +282,7 @@ static struct rpc_xprt *rpc_clnt_set_transport(struct rpc_clnt *clnt, > > static void rpc_clnt_set_nodename(struct rpc_clnt *clnt, const char *nodename) > { > - clnt->cl_nodelen = strlcpy(clnt->cl_nodename, > + clnt->cl_nodelen = strscpy(clnt->cl_nodename, > nodename, sizeof(clnt->cl_nodename)); > } > > @@ -422,6 +422,10 @@ static struct rpc_clnt * rpc_new_client(const struct rpc_create_args *args, > nodename = utsname()->nodename; > /* save the nodename */ > rpc_clnt_set_nodename(clnt, nodename); > + if (clnt->cl_nodelen == -E2BIG) { > + err = -ENOMEM; > + goto out_no_path; > + } > > err = rpc_client_register(clnt, args->authflavor, args->client_name); > if (err) > -- Chuck Lever