Re: [PATCH] Fix possible strscpy() buffer overflows
From: Geraldo Nascimento
Date: Sun May 10 2026 - 21:30:40 EST

Hi David,

On Sun, May 10, 2026 at 11:08:53PM +0100, David Laight wrote:
> On Sun, 10 May 2026 20:24:41 +0200
> "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx> wrote:
>
> > In the changed files, strings were copied like this:
> >
> > strscpy(DST, SRC, strlen(SRC));
> >
> > A buffer overflow would happen if strlen(SRC) > sizeof(DST).
> > Actually, strscpy() must be used this way:
> >
> > strscpy(DST, SRC, sizeof(DST));
> > strscpy(DST, SRC); // defaults to sizeof(DST)
>
> Nak.
>
> This is test code and deliberately doing things 'wrong'.
>
> -- David

While the change to fortify.c is what you described, the other two look
like good catches to me.

Thanks,
Geraldo Nascimento

>
> >
> > Signed-off-by: Alexander A. Klimov <grandmaster@xxxxxxxxxxxx>
> > ---
> > drivers/edac/versalnet_edac.c | 3 +--
> > drivers/misc/lkdtm/fortify.c | 6 +-----
> > sound/soc/codecs/fs210x.c | 2 +-
> > 3 files changed, 3 insertions(+), 8 deletions(-)
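
The size-argument mistake discussed in this thread, as an added example that is not part of the patch or of anyone's message: `demo_strscpy()` is a simplified userspace stand-in assumed to follow the kernel strscpy() contract, and `FIELD_SIZE`, `ARENA_SIZE` and `bytes_past_field()` are hypothetical names. The destination is the first 8 bytes of a larger arena, so writes beyond it are counted rather than corrupting memory.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Simplified stand-in for the kernel's strscpy() (assumed contract: copy at
 * most count-1 bytes, always NUL-terminate, return length or -E2BIG). */
static ssize_t demo_strscpy(char *dst, const char *src, size_t count)
{
    size_t len;

    if (count == 0)
        return -E2BIG;
    len = strnlen(src, count);
    if (len == count) {             /* source does not fit in count bytes */
        memcpy(dst, src, count - 1);
        dst[count - 1] = '\0';
        return -E2BIG;
    }
    memcpy(dst, src, len + 1);      /* fits, including the terminator */
    return (ssize_t)len;
}

#define FIELD_SIZE 8    /* constructed: real size of the destination */
#define ARENA_SIZE 32   /* constructed: destination plus guard bytes */

/* Copy src into an 8-byte field with the given count and return how many
 * guard bytes after the field were modified (0 means no overflow). */
static size_t bytes_past_field(const char *src, size_t count, ssize_t *ret)
{
    unsigned char arena[ARENA_SIZE];
    size_t i, spilled = 0;

    memset(arena, 0xAA, sizeof(arena));
    if (count > ARENA_SIZE)         /* keep the demonstration inside the arena */
        count = ARENA_SIZE;
    *ret = demo_strscpy((char *)arena, src, count);
    for (i = FIELD_SIZE; i < ARENA_SIZE; i++)
        if (arena[i] != 0xAA)
            spilled++;
    return spilled;
}

int main(void)
{
    const char *src = "0123456789ABCDEF";   /* constructed 16-byte input */
    ssize_t r;
    printf("count=strlen(src): %zu bytes past field\n", bytes_past_field(src, strlen(src), &r));
    printf("count=sizeof(dst): %zu bytes past field\n", bytes_past_field(src, FIELD_SIZE, &r));
    return 0;
}
```

Passing strlen(SRC) is also wrong when the source fits: the count leaves no room for the terminator, so the last character is dropped and -E2BIG is returned.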