On Fri, Sep 22, 2023 at 11:58:06AM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > We expect `iclock->name` to be NUL-terminated based on its use within > printk: > | printk(KERN_DEBUG "%s: %s %d\n", __func__, iclock->name, > | iclock->pri); > > `iclock` is zero-initialized and as such is already NUL-padded which > means strncpy is doing extra work here by eagerly NUL-padding the > destination buffer. > > Considering the above, a suitable replacement is `strscpy` [2] due to > the fact that it guarantees NUL-termination on the destination buffer > without unnecessarily NUL-padding. > > Link: > https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings > [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: [email protected] > Signed-off-by: Justin Stitt <[email protected]>
Yup, looks like a clean replacement. Reviewed-by: Kees Cook <[email protected]> -- Kees Cook
