On Tue, Oct 19, 2021 at 12:12:31AM +0200, Michael Straube wrote: > diff --git a/drivers/staging/r8188eu/os_dep/ioctl_linux.c b/drivers/staging/r8188eu/os_dep/ioctl_linux.c > index 51f46696a593..4f0ae821d193 100644 > --- a/drivers/staging/r8188eu/os_dep/ioctl_linux.c > +++ b/drivers/staging/r8188eu/os_dep/ioctl_linux.c > @@ -1926,7 +1926,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev, > return -1; > } > > - strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN); > + strlcpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN); Greg has already taken this, and it's not a big deal, but generally avoid using strlcpy(). It should be strscpy(). The difference is that strlcpy() does strlen(alg_name) so it can be a read overflow if the alg_name is not NUL terminated. In this case, we know that alg_name is valid so it's fine. I think that strlcpy() could all be converted to strscpy() without breaking anything? So eventually someone will probably use sed or coccinelle to do that. Changing strncpy() to strscpy() is more complicated because maybe people test afterwards to see if the last character is NUL and also because some need to be converted to strscpy_pad(). regards, dan carpenter
