[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-hardening
Subject: Re: [PATCH] um: Remove strlcpy declaration
From: Kees Cook <keescook () chromium ! org>
Date: 2023-07-27 15:52:54
Message-ID: 169047317154.2400214.3532264877542326061.b4-ty () chromium ! org
[Download RAW message or body]
On Mon, 03 Jul 2023 16:06:41 +0000, Azeem Shaikh wrote:
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
> No return values were used, so direct replacement is safe.
>
> [...]
Applied, thanks!
[1/1] um: Remove strlcpy declaration
https://git.kernel.org/kees/c/61ce78f29a69
Best regards,
--
Kees Cook
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic