Found by checkpatch. Replace strcpy() with strscpy() for safer string handling per KSPP recommendations.
Two changes: - apparmorfs.c: gen_symlink_name() uses tracked buffer size - lib.c: aa_policy_init() uses exact allocation size Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Ryan Foster <[email protected]> --- security/apparmor/apparmorfs.c | 2 +- security/apparmor/lib.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 907bd2667e28..f38974231df2 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -1614,7 +1614,7 @@ static char *gen_symlink_name(int depth, const char *dirname, const char *fname) return ERR_PTR(-ENOMEM); for (; depth > 0; depth--) { - strcpy(s, "../../"); + strscpy(s, "../../", size); s += 6; size -= 6; } diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c index 82dbb97ad406..7cb393f91a10 100644 --- a/security/apparmor/lib.c +++ b/security/apparmor/lib.c @@ -487,7 +487,7 @@ bool aa_policy_init(struct aa_policy *policy, const char *prefix, } else { hname = aa_str_alloc(strlen(name) + 1, gfp); if (hname) - strcpy(hname, name); + strscpy(hname, name, strlen(name) + 1); } if (!hname) return false; -- 2.52.0
