Hi Dmitry, This fix is the same as [1]. Without checking the return value, Wolfram's patch [2] fails our downstream build script. I'm adding my r-b, if it makes any difference ;). Reviewed-by: Ping Cheng <ping.cheng@xxxxxxxxx> Thank you, Ping [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/hid/wacom_sys.c?id=d9eef346b601afb0bd74b49e0db06f6a5cebd030 [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/input/touchscreen/wacom_w8001.c?id=a9f08ad7adb3d2f90e11efbb40a1246ef95b0c04 On Fri, May 10, 2024 at 4:43 PM <joshua@xxxxxxxxxxxxxxxxxx> wrote: > > From: Joshua Dickens <Joshua@xxxxxxxxxxxxxxxxxx> > > The strscpy function is able to return an error code when a copy would > overflow the size of the destination. The copy is stopped and the buffer > terminated before overflow actually occurs so it is safe to continue > execution, but we should still produce a warning should this occur. > > Signed-off-by: Joshua Dickens <joshua.dickens@xxxxxxxxx> > --- > drivers/input/touchscreen/wacom_w8001.c | 17 ++++++++++++++--- > 1 file changed, 14 insertions(+), 3 deletions(-) > > diff --git a/drivers/input/touchscreen/wacom_w8001.c b/drivers/input/touchscreen/wacom_w8001.c > index 928c5ee3ac36..b8acf196a09a 100644 > --- a/drivers/input/touchscreen/wacom_w8001.c > +++ b/drivers/input/touchscreen/wacom_w8001.c > @@ -625,7 +625,10 @@ static int w8001_connect(struct serio *serio, struct serio_driver *drv) > /* For backwards-compatibility we compose the basename based on > * capabilities and then just append the tool type > */ > - strscpy(basename, "Wacom Serial", sizeof(basename)); > + if (strscpy(basename, "Wacom Serial", sizeof(basename)) < 0) { > + dev_warn(&w8001->pen_dev->dev, > + "String overflow while assembling basename"); > + } > > err_pen = w8001_setup_pen(w8001, basename, sizeof(basename)); > err_touch = w8001_setup_touch(w8001, basename, sizeof(basename)); > @@ -635,7 +638,11 @@ static int w8001_connect(struct serio *serio, struct serio_driver *drv) > } > > if (!err_pen) { > - strscpy(w8001->pen_name, basename, sizeof(w8001->pen_name)); > + if (strscpy(w8001->pen_name, basename, > + sizeof(w8001->pen_name)) < 0) { > + dev_warn(&w8001->pen_dev->dev, > + "String overflow while assembling pen_name"); > + } > strlcat(w8001->pen_name, " Pen", sizeof(w8001->pen_name)); > input_dev_pen->name = w8001->pen_name; > > @@ -651,7 +658,11 @@ static int w8001_connect(struct serio *serio, struct serio_driver *drv) > } > > if (!err_touch) { > - strscpy(w8001->touch_name, basename, sizeof(w8001->touch_name)); > + if (strscpy(w8001->touch_name, basename, > + sizeof(w8001->touch_name)) < 0) { > + dev_warn(&w8001->touch_dev->dev, > + "String overflow while assembling touch_name"); > + } > strlcat(w8001->touch_name, " Finger", > sizeof(w8001->touch_name)); > input_dev_touch->name = w8001->touch_name; > -- > 2.45.0 >
