diff options
| author | Justin Stitt | 2023-09-11 18:59:31 +0000 |
|---|---|---|
| committer | Juergen Gross | 2023-09-19 07:04:49 +0200 |
| commit | 0fc6ff5a0f0488e09b496773c440ed5bb36d1f0d (patch) | |
| tree | 4df01caf05793e0190afae897eb2beebd301eb8c /include | |
| parent | 49147beb0ccbf4c5bb81a44be93ec3bc5e4a79f1 (diff) | |
xen/efi: refactor deprecated strncpy
`strncpy` is deprecated for use on NUL-terminated destination strings [1].
`efi_loader_signature` has space for 4 bytes. We are copying "Xen" (3 bytes)
plus a NUL-byte which makes 4 total bytes. With that being said, there is
currently not a bug with the current `strncpy()` implementation in terms of
buffer overreads but we should favor a more robust string interface
either way.
A suitable replacement is `strscpy` [2] due to the fact that it guarantees
NUL-termination on the destination buffer while being functionally the
same in this case.
Link: www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings[1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Justin Stitt <justinstitt@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20230911-strncpy-arch-x86-xen-efi-c-v1-1-96ab2bba2feb@google.com
Signed-off-by: Juergen Gross <jgross@suse.com>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions