On Mon, Dec 16, 2024 at 02:45:15PM -0800, Kees Cook wrote: > Since we have already allocated "len + 1" space for event->name, make sure > that name->name cannot ever accidentally cause a copy overflow by calling > strscpy() instead of the unbounded strcpy() routine. This assists in > the ongoing efforts to remove the unsafe strcpy() API[1] from the kernel. Since a qstr can't contain a NUL before the length, why not just use memcpy()? > event->name_len = len; > if (len) > - strcpy(event->name, name->name); > + strscpy(event->name, name->name, event->name_len + 1);
