On Mon, Sep 09, 2024 at 03:48:39PM -0700, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings [1] and > as such we should prefer more robust and less ambiguous string interfaces. > > In this particular instance, the usage of strncpy() is fine and works as > expected. However, towards the goal of [2], we should consider replacing > it with an alternative as many instances of strncpy() are bug-prone. Its > removal from the kernel promotes better long term health for the > codebase. > > The current usage of strncpy() likely just wants the NUL-padding > behavior offered by strncpy() and doesn't care about the > NUL-termination. Since the compiler doesn't know the size of @dest, we > can't use strtomem_pad(). Instead, use strscpy_pad() which behaves > functionally the same as strncpy() in this context -- as we expect > br_dev->name to be NUL-terminated itself. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://github.com/KSPP/linux/issues/90 [2] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > Cc: Kees Cook <keescook@xxxxxxxxxxxx> > Cc: linux-hardening@xxxxxxxxxxxxxxx > Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx> > --- > Note: build-tested only. Reviewed-by: Simon Horman <horms@xxxxxxxxxx>
