vboxsf: Replace all non-returning strlcpy with strscpy

azeemshaikh38 · kees · commit 883f8fe87686 · 2023-05-22T12:35:14.000-07:00
strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] KSPP#89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Reviewed-by: Hans de Goede <hdegoede@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230510211146.3486600-1-azeemshaikh38@gmail.com
diff --git a/fs/vboxsf/super.c b/fs/vboxsf/super.c
@@ -176,7 +176,7 @@ static int vboxsf_fill_super(struct super_block *sb, struct fs_context *fc)
 	}
 	folder_name->size = size;
 	folder_name->length = size - 1;
-	strlcpy(folder_name->string.utf8, fc->source, size);
+	strscpy(folder_name->string.utf8, fc->source, size);
 	err = vboxsf_map_folder(folder_name, &sbi->root);
 	kfree(folder_name);
 	if (err) {

Original file line number	Diff line number	Diff line change
`@@ -176,7 +176,7 @@ static int vboxsf_fill_super(struct super_block sb, struct fs_context fc)`
`176`	`176`	`}`
`177`	`177`	`folder_name->size = size;`
`178`	`178`	`folder_name->length = size - 1;`
`179`		`- strlcpy(folder_name->string.utf8, fc->source, size);`
	`179`	`+ strscpy(folder_name->string.utf8, fc->source, size);`
`180`	`180`	`err = vboxsf_map_folder(folder_name, &sbi->root);`
`181`	`181`	`kfree(folder_name);`
`182`	`182`	`if (err) {`