strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors.[1] [1]: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy Signed-off-by: Abdul Rahim <abdul.rahim@xxxxxxxxxxx> --- drivers/platform/x86/fujitsu-laptop.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/platform/x86/fujitsu-laptop.c b/drivers/platform/x86/fujitsu-laptop.c index ae992ac1ab4a..a0eae24ca9e6 100644 --- a/drivers/platform/x86/fujitsu-laptop.c +++ b/drivers/platform/x86/fujitsu-laptop.c @@ -505,8 +505,8 @@ static int acpi_fujitsu_bl_add(struct acpi_device *device) return -ENOMEM; fujitsu_bl = priv; - strcpy(acpi_device_name(device), ACPI_FUJITSU_BL_DEVICE_NAME); - strcpy(acpi_device_class(device), ACPI_FUJITSU_CLASS); + strscpy(acpi_device_name(device), ACPI_FUJITSU_BL_DEVICE_NAME); + strscpy(acpi_device_class(device), ACPI_FUJITSU_CLASS); device->driver_data = priv; pr_info("ACPI: %s [%s]\n", @@ -891,8 +891,8 @@ static int acpi_fujitsu_laptop_add(struct acpi_device *device) WARN_ONCE(fext, "More than one FUJ02E3 ACPI device was found. Driver may not work as intended."); fext = device; - strcpy(acpi_device_name(device), ACPI_FUJITSU_LAPTOP_DEVICE_NAME); - strcpy(acpi_device_class(device), ACPI_FUJITSU_CLASS); + strscpy(acpi_device_name(device), ACPI_FUJITSU_LAPTOP_DEVICE_NAME); + strscpy(acpi_device_class(device), ACPI_FUJITSU_CLASS); device->driver_data = priv; /* kfifo */ -- 2.43.0
