Kees, > On Wed, 17 May 2023 14:29:55 +0000, Azeem Shaikh wrote: >> strlcpy() reads the entire source buffer first. >> This read may exceed the destination size limit. >> This is both inefficient and can lead to linear read >> overflows if a source string is not NUL-terminated [1]. >> In an effort to remove strlcpy() completely [2], replace >> strlcpy() here with strscpy(). >> No return values were used, so direct replacement is safe. >> >> [...] > > Applied to for-next/hardening, thanks! > > [1/1] scsi: 3w-9xxx: Replace all non-returning strlcpy with strscpy > https://git.kernel.org/kees/c/fa36c95739ab Are you planning on sending these? That's fine with me, just need to know if I should close them in patchwork... -- Martin K. Petersen Oracle Linux Engineering
