On Mon, Oct 23, 2023 at 08:12:22PM +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > We expect hba->chip_num to be NUL-terminated based on its usage with > format strings: > > snprintf(fc_host_symbolic_name(lport->host), 256, > "%s (QLogic %s) v%s over %s", > BNX2FC_NAME, hba->chip_num, BNX2FC_VERSION, > interface->netdev->name); > > Moreover, NUL-padding is not required as hba is zero-allocated from its > callsite: > > hba = kzalloc(sizeof(*hba), GFP_KERNEL); > > Considering the above, a suitable replacement is `strscpy` [2] due to > the fact that it guarantees NUL-termination on the destination buffer > without unnecessarily NUL-padding. > > Regarding stats_addr->version, I've opted to also use strscpy() instead > of strscpy_pad() as I typically see these XYZ_get_strings() pass > zero-allocated data. I couldn't track all of where > bnx2fc_ulp_get_stats() is used and if required, we could opt for > strscpy_pad(). > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@xxxxxxxxxxxxxxx > Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx> This all looks correct to me. Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
