Re: [PATCH] staging: r8188eu: fix a gcc warning

From: Dan Carpenter
Date: Wed Nov 03 2021 - 07:04:09 EST

Next message: Dafna Hirschfeld: "Re: [PATCH v4] media: mtk-vpu: Ensure alignment of 8 for DTCM buffer"
Previous message: Wells Lu: "[PATCH 2/2] net: ethernet: Add driver for Sunplus SP7021"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 19, 2021 at 12:12:31AM +0200, Michael Straube wrote:
> diff --git a/drivers/staging/r8188eu/os_dep/ioctl_linux.c b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> index 51f46696a593..4f0ae821d193 100644
> --- a/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> +++ b/drivers/staging/r8188eu/os_dep/ioctl_linux.c
> @@ -1926,7 +1926,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
> return -1;
> }
>
> - strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
> + strlcpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);

Greg has already taken this, and it's not a big deal, but generally
avoid using strlcpy(). It should be strscpy(). The difference is that
strlcpy() does strlen(alg_name) so it can be a read overflow if the
alg_name is not NUL terminated.

In this case, we know that alg_name is valid so it's fine.

I think that strlcpy() could all be converted to strscpy() without
breaking anything? So eventually someone will probably use sed or
coccinelle to do that.

Changing strncpy() to strscpy() is more complicated because maybe people
test afterwards to see if the last character is NUL and also because
some need to be converted to strscpy_pad().

regards,
dan carpenter

Next message: Dafna Hirschfeld: "Re: [PATCH v4] media: mtk-vpu: Ensure alignment of 8 for DTCM buffer"
Previous message: Wells Lu: "[PATCH 2/2] net: ethernet: Add driver for Sunplus SP7021"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]