> On Jun 12, 2023, at 8:40 PM, Azeem Shaikh <azeemshaikh38@xxxxxxxxx> wrote: > > strlcpy() reads the entire source buffer first. > This read may exceed the destination size limit. > This is both inefficient and can lead to linear read > overflows if a source string is not NUL-terminated [1]. > In an effort to remove strlcpy() completely [2], replace > strlcpy() here with strscpy(). Using sprintf() seems cleaner to me: it would get rid of the undocumented naked integer. Would that work for you? > Direct replacement is safe here since the getter in kernel_params_ops > handles -errorno return [3]. s/errorno/errno/ > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > [2] https://github.com/KSPP/linux/issues/89 > [3] https://elixir.bootlin.com/linux/v6.4-rc6/source/include/linux/moduleparam.h#L52 > > Signed-off-by: Azeem Shaikh <azeemshaikh38@xxxxxxxxx> > --- > net/sunrpc/svc.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c > index e6d4cec61e47..e5f379c4fdb3 100644 > --- a/net/sunrpc/svc.c > +++ b/net/sunrpc/svc.c > @@ -109,13 +109,13 @@ param_get_pool_mode(char *buf, const struct kernel_param *kp) > switch (*ip) > { > case SVC_POOL_AUTO: > - return strlcpy(buf, "auto\n", 20); > + return strscpy(buf, "auto\n", 20); > case SVC_POOL_GLOBAL: > - return strlcpy(buf, "global\n", 20); > + return strscpy(buf, "global\n", 20); > case SVC_POOL_PERCPU: > - return strlcpy(buf, "percpu\n", 20); > + return strscpy(buf, "percpu\n", 20); > case SVC_POOL_PERNODE: > - return strlcpy(buf, "pernode\n", 20); > + return strscpy(buf, "pernode\n", 20); > default: > return sprintf(buf, "%d\n", *ip); > } > -- > 2.41.0.162.gfafddb0af9-goog > > -- Chuck Lever
