Reply-To: In-Reply-To: <20210219084038.GA7564@xxxxxxxxxxxxxxxxxx> On Fri, Feb 19, 2021 at 02:10:38PM +0530, Palash Oswal wrote: > The strlcpy() function is unsafe in that the source buffer length > is unbounded or possibly be non NULL terminated. This can cause > memory over-reads, crashes, etc. > > Link: https://github.com/KSPP/linux/issues/89 > Signed-off-by: Palash Oswal <hello@xxxxxxxxxxxxxxx> The long description does not explain what the commit does, and does not include any details about deprecation of strlcpy(), which at least I'm not aware of. I don't think *length* ever is NULL terminated. The first sentence is somewhat weird. Also strlcpy() does have a bounds check. Generally, the description and reasoning is sloppy to say the least. /Jarkko > --- > security/integrity/ima/ima_api.c | 2 +- > security/integrity/ima/ima_policy.c | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c > index 1dd70dc68ffd..2f3b8257181d 100644 > --- a/security/integrity/ima/ima_api.c > +++ b/security/integrity/ima/ima_api.c > @@ -399,7 +399,7 @@ const char *ima_d_path(const struct path *path, char **pathbuf, char *namebuf) > } > > if (!pathname) { > - strlcpy(namebuf, path->dentry->d_name.name, NAME_MAX); > + strscpy(namebuf, path->dentry->d_name.name, NAME_MAX); > pathname = namebuf; > } > > diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c > index 9b45d064a87d..010839aef6ba 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c > @@ -791,7 +791,7 @@ static int __init ima_init_arch_policy(void) > char rule[255]; > int result; > > - result = strlcpy(rule, *rules, sizeof(rule)); > + strscpy(rule, *rules, sizeof(rule)); > > INIT_LIST_HEAD(&arch_policy_entry[i].list); > result = ima_parse_rule(rule, &arch_policy_entry[i]); > > base-commit: f6692213b5045dc461ce0858fb18cf46f328c202 > -- > 2.27.0 > >
