On Fri, Feb 23, 2024 at 10:23:11PM +0000, Justin Stitt wrote:
> buffer->driver_version is sized 32:
> | struct bmic_host_wellness_driver_version {
> | ...
> | char driver_version[32];
> ... the source string "Linux " + DRIVER_VERISON is sized at 16. There's
> really no bug in the existing code since the buffers are sized
> appropriately with great care taken to manually NUL-terminate the
> destination buffer. Nonetheless, let's make the swap over to strscpy()
> for robustness' (and readability's) sake.
>
> Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx>
Yup, good cleanup.
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
--
Kees Cook
