On Tue, Jun 13, 2023 at 3:43 PM Chuck Lever III <chuck.lever@xxxxxxxxxx> wrote: > > > On Jun 13, 2023, at 3:42 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > > > On Tue, Jun 13, 2023 at 02:18:06PM +0000, Chuck Lever III wrote: > >> > >> > >>> On Jun 12, 2023, at 8:40 PM, Azeem Shaikh <azeemshaikh38@xxxxxxxxx> wrote: > >>> > >>> strlcpy() reads the entire source buffer first. > >>> This read may exceed the destination size limit. > >>> This is both inefficient and can lead to linear read > >>> overflows if a source string is not NUL-terminated [1]. > >>> In an effort to remove strlcpy() completely [2], replace > >>> strlcpy() here with strscpy(). > >> > >> Using sprintf() seems cleaner to me: it would get rid of > >> the undocumented naked integer. Would that work for you? > > > > This is changing the "get" routine for reporting module parameters out > > of /sys. I think the right choice here is sysfs_emit(), as it performs > > the size tracking correctly. (Even the "default" sprintf() call should > > be replaced too, IMO.) > > Agreed, that's even better. > Thanks folks. Will send over a v2 which replaces strlcpy with sysfs_emit.
