clocksource: Replace all non-returning strlcpy with strscpy

strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Acked-by: John Stultz <jstultz@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230530163546.986188-1-azeemshaikh38@gmail.com
author: Azeem Shaikh <azeemshaikh38@gmail.com> 2023-05-30 16:35:46 +0000
committer: Kees Cook <keescook@chromium.org> 2023-06-01 11:24:50 -0700
commit: 76edc27eda068fb8222c452d522d4c93bcebe557 (patch)
tree: 7a564577bb4dc77f00d74aa9a830148c5aa1914f /kernel/time
parent: f9cfb1910ece5b5dbedca096fc9b7c9fe4fd3c50 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/time/clocksource.c b/kernel/time/clocksource.c
index 91836b727cef..88cbc1181b23 100644
--- a/kernel/time/clocksource.c
+++ b/kernel/time/clocksource.c
@@ -1480,7 +1480,7 @@ static int __init boot_override_clocksource(char* str)
 {
 	mutex_lock(&clocksource_mutex);
 	if (str)
-		strlcpy(override_name, str, sizeof(override_name));
+		strscpy(override_name, str, sizeof(override_name));
 	mutex_unlock(&clocksource_mutex);
 	return 1;
 }
author	Azeem Shaikh <azeemshaikh38@gmail.com>	2023-05-30 16:35:46 +0000
committer	Kees Cook <keescook@chromium.org>	2023-06-01 11:24:50 -0700
commit	76edc27eda068fb8222c452d522d4c93bcebe557 (patch)
tree	7a564577bb4dc77f00d74aa9a830148c5aa1914f /kernel/time
parent	f9cfb1910ece5b5dbedca096fc9b7c9fe4fd3c50 (diff)