Replacing strcpy with strscpy and memory bound the copy. strcpy is a deprecated function. It should be removed from the kernel source. Reference: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed <qasim.majeed20@xxxxxxxxx> > In what way exactly is it vulnerable? strcpy is a deprecated interface (reference: https://github.com/KSPP/linux/issues/88). It should be removed from kernel source. It is reported as vulnerable in Enabling Linux in Safety Critical Applications (ELISA) builder. > Why is a runtime check needed here if all of the sizes in question are known at compile time? Runtime check has been replaced with compile time check. --- v1 -> v2: Commit message has been updated and runtime check is replace with compile time check. drivers/acpi/acpi_video.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/acpi/acpi_video.c b/drivers/acpi/acpi_video.c index 1fda30388297..be8346a66374 100644 --- a/drivers/acpi/acpi_video.c +++ b/drivers/acpi/acpi_video.c @@ -1128,8 +1128,8 @@ static int acpi_video_bus_get_one_device(struct acpi_device *device, void *arg) return -ENOMEM; } - strcpy(acpi_device_name(device), ACPI_VIDEO_DEVICE_NAME); - strcpy(acpi_device_class(device), ACPI_VIDEO_CLASS); + strscpy(acpi_device_name(device), ACPI_VIDEO_DEVICE_NAME, sizeof(ACPI_VIDEO_DEVICE_NAME)); + strscpy(acpi_device_class(device), ACPI_VIDEO_CLASS, sizeof(ACPI_VIDEO_CLASS)); data->device_id = device_id; data->video = video; @@ -2010,8 +2010,8 @@ static int acpi_video_bus_add(struct acpi_device *device) } video->device = device; - strcpy(acpi_device_name(device), ACPI_VIDEO_BUS_NAME); - strcpy(acpi_device_class(device), ACPI_VIDEO_CLASS); + strscpy(acpi_device_name(device), ACPI_VIDEO_BUS_NAME, sizeof(ACPI_VIDEO_BUS_NAME)); + strscpy(acpi_device_class(device), ACPI_VIDEO_CLASS, sizeof(ACPI_VIDEO_CLASS)); device->driver_data = video; acpi_video_bus_find_cap(video); -- 2.34.1
