On Fri 2023-09-08 14:19:49, Sasha Levin wrote:
> From: Azeem Shaikh <azeemshaikh38@xxxxxxxxx>
>
> [ Upstream commit babb80b3ecc6f40c962e13c654ebcd27f25ee327 ]
>
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
>
> Direct replacement is safe here since return value of -errno
> is used to check for truncation instead of sizeof(dest).

We don't need this in stable, do we?

BR,
Pavel
-- 
DENX Software Engineering GmbH, Managing Director: Erika Unter
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
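The difference the quoted commit message describes, as an added example that is not part of this mail or of the kernel source: simplified userspace models of the two copy semantics, instrumented to count how many source bytes each one reads. The names `model_strlcpy`, `model_strscpy` and `src_bytes_read` are hypothetical, and the sample source string is constructed and NUL-terminated so the run stays in bounds.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

static size_t src_bytes_read;   /* instrumentation: source bytes the last call touched */

/* strlcpy semantics: measure the whole source first, then copy what fits. */
static size_t model_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);           /* walks src to its NUL, regardless of size */
    src_bytes_read = len + 1;
    if (size) {
        size_t n = len >= size ? size - 1 : len;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;                         /* truncation check: ret >= sizeof(dst) */
}

/* strscpy semantics: read at most size bytes; return -E2BIG on truncation. */
static ssize_t model_strscpy(char *dst, const char *src, size_t size)
{
    src_bytes_read = 0;
    for (size_t i = 0; i < size; i++) {
        src_bytes_read++;
        dst[i] = src[i];
        if (src[i] == '\0')
            return (ssize_t)i;          /* copied length, excluding the NUL */
    }
    if (size)
        dst[size - 1] = '\0';           /* truncated: destination is still terminated */
    return -E2BIG;                      /* truncation check: ret < 0 */
}

int main(void)
{
    char src[64], dst[8];               /* constructed sample: 63 'A' bytes plus NUL */
    memset(src, 'A', sizeof(src) - 1);
    src[sizeof(src) - 1] = '\0';
    size_t l = model_strlcpy(dst, src, sizeof(dst));
    printf("strlcpy: ret=%zu read=%zu truncated=%d\n", l, src_bytes_read, l >= sizeof(dst));
    ssize_t s = model_strscpy(dst, src, sizeof(dst));
    printf("strscpy: ret=%zd read=%zu truncated=%d\n", s, src_bytes_read, s < 0);
    return 0;
}
```

Both models leave the same truncated, NUL-terminated destination; what differs is how far into the source each one reads and how the caller detects truncation.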