[PATCH] lkdtm/fortify: Swap memcpy() for strncpy()
From: Kees Cook
Date: Wed Feb 16 2022 - 15:25:53 EST
The memcpy() runtime defenses are still not landed, so test with
strncpy() for now.
Reported-by: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
Cc: Arnd Bergmann <arnd@xxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
drivers/misc/lkdtm/fortify.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/misc/lkdtm/fortify.c b/drivers/misc/lkdtm/fortify.c
index d06458a4858e..ab33bb5e2e7a 100644
--- a/drivers/misc/lkdtm/fortify.c
+++ b/drivers/misc/lkdtm/fortify.c
@@ -44,14 +44,14 @@ void lkdtm_FORTIFIED_SUBOBJECT(void)
strscpy(src, "over ten bytes", size);
size = strlen(src) + 1;
- pr_info("trying to strcpy past the end of a member of a struct\n");
+ pr_info("trying to strncpy past the end of a member of a struct\n");
/*
- * memcpy(target.a, src, 20); will hit a compile error because the
+ * strncpy(target.a, src, 20); will hit a compile error because the
* compiler knows at build time that target.a < 20 bytes. Use a
* volatile to force a runtime error.
*/
- memcpy(target.a, src, size);
+ strncpy(target.a, src, size);
/* Store result to global to prevent the code from being eliminated */
fortify_scratch_space = target.a[3];
--
2.30.2