On Wed 29 Aug 00:57 PDT 2018, Niklas Cassel wrote: > 'adev->name' is used as a NUL-terminated string, but using strncpy() with the > length equal to the buffer size may result in lack of the termination: > > In function 'apr_add_device', > inlined from 'of_register_apr_devices' at drivers//soc/qcom/apr.c:264:7, > inlined from 'apr_probe' at drivers//soc/qcom/apr.c:290:2: > drivers//soc/qcom/apr.c:222:3: warning: 'strncpy' specified bound 32 equals destination size [-Wstringop-truncation] > strncpy(adev->name, np->name, APR_NAME_SIZE); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > This changes it to use the safer strscpy() instead. > > Signed-off-by: Niklas Cassel <niklas.cassel@xxxxxxxxxx> Reviewed-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx> Regards, Bjorn > --- > drivers/soc/qcom/apr.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/soc/qcom/apr.c b/drivers/soc/qcom/apr.c > index 57af8a537332..ee9197f5aae9 100644 > --- a/drivers/soc/qcom/apr.c > +++ b/drivers/soc/qcom/apr.c > @@ -219,9 +219,9 @@ static int apr_add_device(struct device *dev, struct device_node *np, > adev->domain_id = id->domain_id; > adev->version = id->svc_version; > if (np) > - strncpy(adev->name, np->name, APR_NAME_SIZE); > + strscpy(adev->name, np->name, APR_NAME_SIZE); > else > - strncpy(adev->name, id->name, APR_NAME_SIZE); > + strscpy(adev->name, id->name, APR_NAME_SIZE); > > dev_set_name(&adev->dev, "aprsvc:%s:%x:%x", adev->name, > id->domain_id, id->svc_id); > -- > 2.17.1 >
